CVE Alert: CVE-2024-38827
Vulnerability Summary: CVE-2024-38827 The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization...
Vulnerability Summary: CVE-2024-46905 In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at...
Vulnerability Summary: CVE-2024-46907 In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at...
Vulnerability Summary: CVE-2024-53981 python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks (CR...
Vulnerability Summary: CVE-2024-53984 Nanopb is a small code-size Protocol Buffers implementation. When the compile time option PB_ENABLE_MALLOC is enabled, the...
Vulnerability Summary: CVE-2024-53459 Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting (XSS) via the /scgi?sid parameter. Affected Endpoints:...
Vulnerability Summary: CVE-2024-53364 A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability...
Vulnerability Summary: CVE-2024-46909 In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute...
Ransomware Group: LYNX VICTIM NAME: New Age Micro NOTE: No files or stolen information are by RedPacket Security. Any legal...
Vulnerability Summary: CVE-2024-53566 An issue in the action_listcategories() function of Sangoma Asterisk v22/22.0.0/22.0.0-rc1/22.0.0-rc2/22.0.0-pre1 allows attackers to execute a path traversal....
Vulnerability Summary: CVE-2024-52806 SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. When loading an (untrusted) XML document,...
Vulnerability Summary: CVE-2024-5890 ServiceNow has addressed an HTML injection vulnerability that was identified in the Now Platform. This vulnerability could...
Vulnerability Summary: CVE-2024-53259 quic-go is an implementation of the QUIC protocol in Go. An off-path attacker can inject an ICMP...
Vulnerability Summary: CVE-2024-53617 A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via...
Vulnerability Summary: CVE-2024-39890 An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990,...
Vulnerability Summary: CVE-2024-39343 An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380,...
Vulnerability Summary: CVE-2024-49581 Restricted Views backed objects (OSV1) could be bypassed under specific circumstances due to a software bug, this...
Vulnerability Summary: CVE-2018-9381 In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure due to uninitialized data. This could lead...
Vulnerability Summary: CVE-2018-9380 In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to improper input validation....
Ransomware Group: DARKVAULT VICTIM NAME: salesgigcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Ransomware Group: QILIN VICTIM NAME: Billaud Segeba NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments CISA has received multiple reports of a large-scale spearphishing campaign...
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...