Vulnerabilities

RaspAP information disclosure | CVE-2024-28753

March 11, 2024

NAME__________RaspAP information disclosurePlatforms Affected:RaspAP RaspAP 3.0.9Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________RaspAP could allow a remote attacker to obtain sensitive information. By sending...

Wasmi weak security | CVE-2024-28123

March 11, 2024

NAME__________Wasmi weak securityPlatforms Affected:wasmi wasmi 0.31.0 wasmi wasmi 0.15.0Risk Level:9.8Exploitability:Consequences:Gain Access DESCRIPTION__________Wasmi could provide weaker than expected security, caused by...

nGrinder information disclosure | CVE-2024-28216

March 11, 2024

NAME__________nGrinder information disclosurePlatforms Affected:NAVER nGrinder 3.5.8Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________nGrinder could allow a remote attacker to obtain sensitive information, caused by...

Numbas weak security | CVE-2024-27612

March 11, 2024

NAME__________Numbas weak securityPlatforms Affected:Numbas Numbas 7.2Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Numbas could provide weaker than expected security, caused by the mishandling of...

Categorify plugin for WordPress security bypass | CVE-2024-1652

March 4, 2024

NAME__________Categorify plugin for WordPress security bypassPlatforms Affected:WordPress WordPress WordPress Categorify plugin for WordPress 1.0.7.4Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Categorify plugin for WordPress...

Categorify plugin for WordPress security bypass | CVE-2024-1653

March 4, 2024

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1910

March 4, 2024

NAME__________Categorify plugin for WordPress cross-side request forgeryPlatforms Affected:WordPress WordPress WordPress Categorify plugin for WordPress 1.0.7.4Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Categorify plugin for...

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1909

March 4, 2024

Categorify plugin for WordPress security bypass | CVE-2024-1649

March 4, 2024

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1906

March 4, 2024

Categorify plugin for WordPress security bypass | CVE-2024-1650

March 4, 2024

Webasyst cross-site scripting | CVE-2024-27517

March 4, 2024

NAME__________Webasyst cross-site scriptingPlatforms Affected:Webasyst Webasyst 2.9.9Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Webasyst is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

FRRouting denial of service | CVE-2024-27913

March 4, 2024

NAME__________FRRouting denial of servicePlatforms Affected:FRRouting FRRouting 9.1Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________FRRouting is vulnerable to a denial of service, caused by...

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1912

March 4, 2024

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1907

March 4, 2024

Atheme denial of service | CVE-2024-27508

March 4, 2024

NAME__________Atheme denial of servicePlatforms Affected:Atheme Atheme 7.2.12Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Atheme is vulnerable to a denial of service, caused by...

libLAS denial of service | CVE-2024-27507

March 4, 2024

NAME__________libLAS denial of servicePlatforms Affected:libLAS libLAS 1.8.1Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________libLAS is vulnerable to a denial of service, caused by...

IBM MQ Container information disclosure | CVE-2024-27255

March 4, 2024

NAME__________IBM MQ Container information disclosurePlatforms Affected:IBM MQ Operator 2.3.0 IBM MQ Operator 2.3.3 IBM MQ Operator 2.0.0 IBM MQ Operator...

IBM Engineering Test Management cross-site scripting | CVE-2023-43054

March 4, 2024

NAME__________IBM Engineering Test Management cross-site scriptingPlatforms Affected:IBM Engineering Test Management 7.0.2 IBM Engineering Test Management 7.0.3Risk Level:6.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________IBM Engineering...

YARD cross-site scripting | CVE-2024-27285

March 4, 2024

NAME__________YARD cross-site scriptingPlatforms Affected:lsegal yard 0.9.35Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________YARD is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

IBM QRadar Suite information dislosure | CVE-2023-47742

March 4, 2024

NAME__________IBM QRadar Suite information dislosurePlatforms Affected:IBM Cloud Pak for Security 1.10.0.0 IBM Cloud Pak for Security 1.10.11.0 IBM QRadar Suite...

Osclass index.php SQL injection | CVE-2024-27515

March 4, 2024

NAME__________Osclass index.php SQL injectionPlatforms Affected:Osclass Osclass 5.1.2Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Osclass is vulnerable to SQL injection. A remote attacker could send...

dp-golang security bypass | CVE-2024-27294

March 4, 2024

NAME__________dp-golang security bypassPlatforms Affected:dp-golang dp-golang 1.2.6Risk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________dp-golang could allow a local authenticated attacker to bypass security restrictions, caused...

Sirv plugin for WordPress security bypass | CVE-2024-27950

March 4, 2024

NAME__________Sirv plugin for WordPress security bypassPlatforms Affected:WordPress WordPress WordPress Sirv Plugin for WordPress 7.2.0Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Sirv plugin for WordPress...

Vulnerabilities

RaspAP information disclosure | CVE-2024-28753

Wasmi weak security | CVE-2024-28123

nGrinder information disclosure | CVE-2024-28216

Numbas weak security | CVE-2024-27612

Categorify plugin for WordPress security bypass | CVE-2024-1652

Categorify plugin for WordPress security bypass | CVE-2024-1653

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1910

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1909

Categorify plugin for WordPress security bypass | CVE-2024-1649

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1906

Categorify plugin for WordPress security bypass | CVE-2024-1650

Webasyst cross-site scripting | CVE-2024-27517

FRRouting denial of service | CVE-2024-27913

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1912

Categorify plugin for WordPress cross-side request forgery | CVE-2024-1907

Atheme denial of service | CVE-2024-27508

libLAS denial of service | CVE-2024-27507

IBM MQ Container information disclosure | CVE-2024-27255

IBM Engineering Test Management cross-site scripting | CVE-2023-43054

YARD cross-site scripting | CVE-2024-27285

IBM QRadar Suite information dislosure | CVE-2023-47742

Osclass index.php SQL injection | CVE-2024-27515

dp-golang security bypass | CVE-2024-27294

Sirv plugin for WordPress security bypass | CVE-2024-27950

Cobalt Strike Beacon Detected – 121[.]41[.]167[.]80:80

Cobalt Strike Beacon Detected – 38[.]190[.]224[.]63:80

Cobalt Strike Beacon Detected – 152[.]32[.]251[.]78:80

Cobalt Strike Beacon Detected – 156[.]233[.]233[.]134:80

Cobalt Strike Beacon Detected – 124[.]220[.]164[.]98:80

You may have missed