OSINT

CVE Alert: CVE-2024-55470

December 21, 2024

Vulnerability Summary: CVE-2024-55470 Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass...

CVE Alert: CVE-2024-12840

December 21, 2024

Vulnerability Summary: CVE-2024-12840 A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when...

CVE Alert: CVE-2024-12677

December 21, 2024

Vulnerability Summary: CVE-2024-12677 Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute arbitrary code. Affected Endpoints:...

CVE Alert: CVE-2024-55471

December 21, 2024

Vulnerability Summary: CVE-2024-55471 Oqtane Framework is vulnerable to Insecure Direct Object Reference (IDOR) in Oqtane.Controllers.UserController. This allows unauthorized users to...

CVE Alert: CVE-2024-55341

December 21, 2024

Vulnerability Summary: CVE-2024-55341 A stored cross-site scripting (XSS) vulnerability in Piranha CMS 11.1 allows remote attackers to execute arbitrary JavaScript...

CVE Alert: CVE-2024-55342

December 21, 2024

Vulnerability Summary: CVE-2024-55342 A file upload functionality in Piranha CMS 11.1 allows authenticated remote attackers to upload a crafted PDF...

CVE Alert: CVE-2024-12842

December 21, 2024

Vulnerability Summary: CVE-2024-12842 A vulnerability was found in Emlog Pro up to 2.4.1. It has been declared as problematic. This...

CVE Alert: CVE-2024-12841

December 21, 2024

Vulnerability Summary: CVE-2024-12841 A vulnerability was found in Emlog Pro up to 2.4.1. It has been classified as problematic. This...

CVE Alert: CVE-2024-37758

December 21, 2024

Vulnerability Summary: CVE-2024-37758 Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows authenticated attackers to escalate privileges. Affected...

[RANSOMHUB] – Ransomware Victim: www[.]groupe-setcar[.]com[.]tn

December 21, 2024

Ransomware Group: RANSOMHUB VICTIM NAME: wwwgroupe-setcarcomtn NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2024-56358

December 21, 2024

Vulnerability Summary: CVE-2024-56358 grist-core is a spreadsheet hosting server. A user visiting a malicious document and previewing an attachment could...

CVE Alert: CVE-2024-56331

December 21, 2024

Vulnerability Summary: CVE-2024-56331 Uptime Kuma is an open source, self-hosted monitoring tool. An **Improper URL Handling Vulnerability** allows an attacker...

CVE Alert: CVE-2024-12843

December 21, 2024

Vulnerability Summary: CVE-2024-12843 A vulnerability was found in Emlog Pro up to 2.4.1. It has been rated as problematic. This...

CVE Alert: CVE-2024-12844

December 21, 2024

Vulnerability Summary: CVE-2024-12844 A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.1. Affected is an...

CVE Alert: CVE-2024-56359

December 21, 2024

Vulnerability Summary: CVE-2024-56359 grist-core is a spreadsheet hosting server. A user visiting a malicious document and clicking on a link...

CVE Alert: CVE-2024-56357

December 21, 2024

Vulnerability Summary: CVE-2024-56357 grist-core is a spreadsheet hosting server. A user visiting a malicious document or submitting a malicious form...

CVE Alert: CVE-2024-56334

December 21, 2024

Vulnerability Summary: CVE-2024-56334 systeminformation is a System and OS information library for node.js. In affected versions SSIDs are not sanitized...

CVE Alert: CVE-2024-12845

December 21, 2024

Vulnerability Summary: CVE-2024-12845 A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1. Affected by this vulnerability...

CVE Alert: CVE-2024-11811

December 21, 2024

Vulnerability Summary: CVE-2024-11811 The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the...

CVE Alert: CVE-2024-56335

December 21, 2024

Vulnerability Summary: CVE-2024-56335 vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. In affected versions...

[FLOCKER] – Ransomware Victim: K****S CORP

December 21, 2024

Ransomware Group: FLOCKER VICTIM NAME: K****S CORP NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

French Citizens – 28,445,106 breached accounts

December 21, 2024

HIBP In September 2024, over 90M rows of data on French Citizens was found left exposed in a publicly facing...

CISA: CISA Releases Eight Industrial Control Systems Advisories

December 21, 2024

CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on December 3, 2024. These...

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

December 21, 2024

CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

OSINT

CVE Alert: CVE-2024-55470

CVE Alert: CVE-2024-12840

CVE Alert: CVE-2024-12677

CVE Alert: CVE-2024-55471

CVE Alert: CVE-2024-55341

CVE Alert: CVE-2024-55342

CVE Alert: CVE-2024-12842

CVE Alert: CVE-2024-12841

CVE Alert: CVE-2024-37758

[RANSOMHUB] – Ransomware Victim: www[.]groupe-setcar[.]com[.]tn

CVE Alert: CVE-2024-56358

CVE Alert: CVE-2024-56331

CVE Alert: CVE-2024-12843

CVE Alert: CVE-2024-12844

CVE Alert: CVE-2024-56359

CVE Alert: CVE-2024-56357

CVE Alert: CVE-2024-56334

CVE Alert: CVE-2024-12845

CVE Alert: CVE-2024-11811

CVE Alert: CVE-2024-56335

[FLOCKER] – Ransomware Victim: K****S CORP

French Citizens – 28,445,106 breached accounts

CISA: CISA Releases Eight Industrial Control Systems Advisories

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

HackerOne Bug Bounty Disclosure: unauthenticated-path-traversal-and-command-injection-in-trellix-enterprise-security-manager-r-v

CVE Alert: CVE-2024-42168

CVE Alert: CVE-2024-12204

CVE Alert: CVE-2024-42169

CVE Alert: CVE-2024-12627

You may have missed