OSINT

CVE Alert: CVE-2024-46997

September 24, 2024

Vulnerability Summary: CVE-2024-46997 DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve...

CVE Alert: CVE-2024-47069

September 24, 2024

Vulnerability Summary: CVE-2024-47069 Oveleon Cookie Bar is a cookie bar is for the Contao Open Source CMS and allows a...

CVE Alert: CVE-2024-0003

September 24, 2024

Vulnerability Summary: CVE-2024-0003 A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to...

CVE Alert: CVE-2024-0004

September 24, 2024

Vulnerability Summary: CVE-2024-0004 A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands...

CVE Alert: CVE-2023-46948

September 24, 2024

Vulnerability Summary: CVE-2023-46948 A reflected Cross-Site Scripting (XSS) vulnerability was found on Temenos T24 Browser R19.40 that enables a remote...

CVE Alert: CVE-2024-9014

September 24, 2024

Vulnerability Summary: CVE-2024-9014 pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows...

[CICADA3301] – Ransomware Victim: Model Engineering

September 24, 2024

Ransomware Group: CICADA3301 VICTIM NAME: Model Engineering NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

Telegram Agrees to Share User Data With Authorities for Criminal Investigations

September 24, 2024

In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone...

CVE Alert: CVE-2024-0002

September 24, 2024

Vulnerability Summary: CVE-2024-0002 A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access...

CVE Alert: CVE-2024-39342

September 24, 2024

Vulnerability Summary: CVE-2024-39342 Entrust Instant Financial Issuance (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier uses...

CVE Alert: CVE-2024-39843

September 24, 2024

Vulnerability Summary: CVE-2024-39843 A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command...

CVE Alert: CVE-2024-0005

September 24, 2024

Vulnerability Summary: CVE-2024-0005 A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely...

CVE Alert: CVE-2024-0001

September 24, 2024

Vulnerability Summary: CVE-2024-0001 A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active...

CVE Alert: CVE-2024-46639

September 24, 2024

Vulnerability Summary: CVE-2024-46639 A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute arbitrary web scripts or HTML...

CVE Alert: CVE-2024-44540

September 24, 2024

Vulnerability Summary: CVE-2024-44540 Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command...

CVE Alert: CVE-2024-43201

September 24, 2024

Vulnerability Summary: CVE-2024-43201 The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail...

CVE Alert: CVE-2024-39842

September 24, 2024

Vulnerability Summary: CVE-2024-39842 A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command...

CVE Alert: CVE-2024-37779

September 24, 2024

Vulnerability Summary: CVE-2024-37779 WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the...

GameVN – 1,369,485 breached accounts

September 24, 2024

HIBP In May 2016, the Vietnamese gaming forum GameVN suffered a data breach that was later redistributed as part of...