OSINT

CVE Alert: CVE-2024-55470

December 21, 2024

Vulnerability Summary: CVE-2024-55470 Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass...

CVE Alert: CVE-2024-12840

December 21, 2024

Vulnerability Summary: CVE-2024-12840 A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when...

CVE Alert: CVE-2024-12677

December 21, 2024

Vulnerability Summary: CVE-2024-12677 Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute arbitrary code. Affected Endpoints:...

CVE Alert: CVE-2024-55186

December 21, 2024

Vulnerability Summary: CVE-2024-55186 An IDOR (Insecure Direct Object Reference) vulnerability exists in oqtane Framework 6.0.0, allowing a logged-in user to...

CVE Alert: CVE-2024-55471

December 21, 2024

Vulnerability Summary: CVE-2024-55471 Oqtane Framework is vulnerable to Insecure Direct Object Reference (IDOR) in Oqtane.Controllers.UserController. This allows unauthorized users to...

CVE Alert: CVE-2024-55341

December 21, 2024

Vulnerability Summary: CVE-2024-55341 A stored cross-site scripting (XSS) vulnerability in Piranha CMS 11.1 allows remote attackers to execute arbitrary JavaScript...

CVE Alert: CVE-2024-55342

December 21, 2024

Vulnerability Summary: CVE-2024-55342 A file upload functionality in Piranha CMS 11.1 allows authenticated remote attackers to upload a crafted PDF...

CVE Alert: CVE-2024-12842

December 21, 2024

Vulnerability Summary: CVE-2024-12842 A vulnerability was found in Emlog Pro up to 2.4.1. It has been declared as problematic. This...

CVE Alert: CVE-2024-12841

December 21, 2024

Vulnerability Summary: CVE-2024-12841 A vulnerability was found in Emlog Pro up to 2.4.1. It has been classified as problematic. This...

CVE Alert: CVE-2024-37758

December 21, 2024

Vulnerability Summary: CVE-2024-37758 Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows authenticated attackers to escalate privileges. Affected...

[RANSOMHUB] – Ransomware Victim: www[.]groupe-setcar[.]com[.]tn

December 21, 2024

Ransomware Group: RANSOMHUB VICTIM NAME: wwwgroupe-setcarcomtn NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2024-56358

December 21, 2024

Vulnerability Summary: CVE-2024-56358 grist-core is a spreadsheet hosting server. A user visiting a malicious document and previewing an attachment could...

CVE Alert: CVE-2024-56331

December 21, 2024

Vulnerability Summary: CVE-2024-56331 Uptime Kuma is an open source, self-hosted monitoring tool. An **Improper URL Handling Vulnerability** allows an attacker...

CVE Alert: CVE-2024-12843

December 21, 2024

Vulnerability Summary: CVE-2024-12843 A vulnerability was found in Emlog Pro up to 2.4.1. It has been rated as problematic. This...

CVE Alert: CVE-2024-12844

December 21, 2024

Vulnerability Summary: CVE-2024-12844 A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.1. Affected is an...

CVE Alert: CVE-2024-56359

December 21, 2024

Vulnerability Summary: CVE-2024-56359 grist-core is a spreadsheet hosting server. A user visiting a malicious document and clicking on a link...

CVE Alert: CVE-2024-56334

December 21, 2024

Vulnerability Summary: CVE-2024-56334 systeminformation is a System and OS information library for node.js. In affected versions SSIDs are not sanitized...

CVE Alert: CVE-2024-12845

December 21, 2024

Vulnerability Summary: CVE-2024-12845 A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1. Affected by this vulnerability...

CVE Alert: CVE-2024-11811

December 21, 2024

Vulnerability Summary: CVE-2024-11811 The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the...

CVE Alert: CVE-2024-56335

December 21, 2024

Vulnerability Summary: CVE-2024-56335 vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. In affected versions...

CVE Alert: CVE-2024-56357

December 21, 2024

Vulnerability Summary: CVE-2024-56357 grist-core is a spreadsheet hosting server. A user visiting a malicious document or submitting a malicious form...

[FLOCKER] – Ransomware Victim: K****S CORP

December 21, 2024

Ransomware Group: FLOCKER VICTIM NAME: K****S CORP NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

French Citizens – 28,445,106 breached accounts

December 21, 2024

HIBP In September 2024, over 90M rows of data on French Citizens was found left exposed in a publicly facing...

CISA: CISA Releases Eight Industrial Control Systems Advisories

December 21, 2024

CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on December 3, 2024. These...

OSINT

CVE Alert: CVE-2024-55470

CVE Alert: CVE-2024-12840

CVE Alert: CVE-2024-12677

CVE Alert: CVE-2024-55186

CVE Alert: CVE-2024-55471

CVE Alert: CVE-2024-55341

CVE Alert: CVE-2024-55342

CVE Alert: CVE-2024-12842

CVE Alert: CVE-2024-12841

CVE Alert: CVE-2024-37758

[RANSOMHUB] – Ransomware Victim: www[.]groupe-setcar[.]com[.]tn

CVE Alert: CVE-2024-56358

CVE Alert: CVE-2024-56331

CVE Alert: CVE-2024-12843

CVE Alert: CVE-2024-12844

CVE Alert: CVE-2024-56359

CVE Alert: CVE-2024-56334

CVE Alert: CVE-2024-12845

CVE Alert: CVE-2024-11811

CVE Alert: CVE-2024-56335

CVE Alert: CVE-2024-56357

[FLOCKER] – Ransomware Victim: K****S CORP

French Citizens – 28,445,106 breached accounts

CISA: CISA Releases Eight Industrial Control Systems Advisories

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA: CISA Releases Nine Industrial Control Systems Advisories

CISA: CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices

CISA: CISA Releases Six Industrial Control Systems Advisories

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

You may have missed