CISA: Cisco Releases Security Updates for IOS XR Software
Cisco Releases Security Updates for IOS XR Software Cisco released security updates to address vulnerabilities in Cisco IOS XR software....
CISA: CISA Releases Fifteen Industrial Control Systems Advisories
CISA Releases Fifteen Industrial Control Systems Advisories CISA released fifteen Industrial Control Systems (ICS) advisories on March 14, 2024. These...
HackerOne Bug Bounty Disclosure: github-app-link-takeover-listed-on-hxxps-docs-doppler-com-docs-github-actions-page-w-shi
Company Name: Doppler Company HackerOne URL: https://hackerone.com/doppler Submitted By:w3shiLink to Submitters Profile:https://hackerone.com/w3shi Report Title:Github app(link) Takeover Listed on "hXXps://docsdopplercom/docs/github-actions" pageReport...
Sliver C2 Detected – 162[.]120[.]71[.]48:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Critical Vulnerability in QNAP Products
QNAP has released security updates to address a critical vulnerability (CVE-2024-21899) affecting their QTS, QuTS hero, QuTScloud, and myQNAPcloud products....
Palo Alto Networks GlobalProtect app on Windows privilege escalation | CVE-2024-2432
NAME__________Palo Alto Networks GlobalProtect app on Windows privilege escalationPlatforms Affected:Palo Alto Networks GlobalProtect App on Windows 6.2 Palo Alto Networks...
Siemens SENTRON 7KM PAC3x20 information disclosure | CVE-2024-21483
NAME__________Siemens SENTRON 7KM PAC3x20 information disclosurePlatforms Affected:Siemens SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) 3.2.3 Siemens SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) 3.2.3...
YourSpotify clickjacking | CVE-2024-28196
NAME__________YourSpotify clickjackingPlatforms Affected:YourSpotify YourSpotify 1.8.9 YourSpotify YourSpotify 1.8.8Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________YourSpotify could allow a remote attacker to hijack the clicking...
IBM Integration Bus for z/OS cross-site request forgery | CVE-2024-27265
NAME__________IBM Integration Bus for z/OS cross-site request forgeryPlatforms Affected:IBM Integration Bus for z/OS 10.1 IBM Integration Bus for z/OS 10.1.0.3Risk...
Gacjie Server file upload | CVE-2024-2406
NAME__________Gacjie Server file uploadPlatforms Affected:Gacjie Server Gacjie Server 1.0 Gacjie Server Gacjie Server 0.9Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Gacjie Server could allow...
YourSpotify information disclosure | CVE-2024-28193
NAME__________YourSpotify information disclosurePlatforms Affected:YourSpotify YourSpotify 1.7.9 YourSpotify YourSpotify 1.7.8Risk Level:6.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________YourSpotify could allow a remote authenticated attacker...
YourSpotify security bypass | CVE-2024-28192
NAME__________YourSpotify security bypassPlatforms Affected:YourSpotify YourSpotify 1.7.9 YourSpotify YourSpotify 1.7.8Risk Level:5.3Exploitability:Proof of ConceptConsequences:Bypass Security DESCRIPTION__________YourSpotify could allow a remote attacker to...
Palo Alto Networks GlobalProtect app denial of service | CVE-2024-2431
NAME__________Palo Alto Networks GlobalProtect app denial of servicePlatforms Affected:Palo Alto Networks GlobalProtect App 6.2 Palo Alto Networks GlobalProtect App 6.1...
Palo Alto Networks Panorama software denial of service | CVE-2024-2433
NAME__________Palo Alto Networks Panorama software denial of servicePlatforms Affected:Palo Alto Networks Cloud NGFW Palo Alto Networks Prisma Access Palo Alto...
IBM i privilege escalation | CVE-2024-22346
NAME__________IBM i privilege escalationPlatforms Affected:IBM i 7.2 IBM i 7.3 IBM i 7.4 IBM i 7.5Risk Level:8.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Db2 for...
Delinea PAM Secret Server security bypass | CVE-2024-25653
NAME__________Delinea PAM Secret Server security bypassPlatforms Affected:Delinea PAM Secret Server 11.4Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Delinea PAM Secret Server could allow a...
Siemens SENTRON denial of service | CVE-2024-22044
NAME__________Siemens SENTRON denial of servicePlatforms Affected:Siemens SENTRON 3KC ATC6 Expansion Module Ethernet (3KC9000-8TL75)Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Siemens SENTRON is vulnerable...
Siemens SINEMA Remote Connect Client information disclosure | CVE-2024-22045
NAME__________Siemens SINEMA Remote Connect Client information disclosurePlatforms Affected:Siemens SINEMA Remote Connect ClientRisk Level:7.6Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Siemens SINEMA Remote Connect Client could...
Delinea PAM Secret Server information disclosure | CVE-2024-25649
NAME__________Delinea PAM Secret Server information disclosurePlatforms Affected:Delinea PAM Secret Server 11.4Risk Level:6.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Delinea PAM Secret Server could allow a...
Siemens SINEMA Remote Connect Server cross-site scripting | CVE-2020-23064
NAME__________Siemens SINEMA Remote Connect Server cross-site scriptingPlatforms Affected:Siemens SINEMA Remote Connect Server 3.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Siemens SINEMA Remote Connect Server...
Delinea PAM Secret Server security bypass | CVE-2024-25652
NAME__________Delinea PAM Secret Server security bypassPlatforms Affected:Delinea PAM Secret Server 11.4Risk Level:7.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Delinea PAM Secret Server could allow a...
Delinea PAM Secret Server information disclosure | CVE-2024-25651
NAME__________Delinea PAM Secret Server information disclosurePlatforms Affected:Delinea PAM Secret Server 11.4Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Delinea PAM Secret Server could allow a...
Delinea PAM Secret Server information disclosure | CVE-2024-25650
NAME__________Delinea PAM Secret Server information disclosurePlatforms Affected:Delinea PAM Secret Server 11.4 Delinea Distributed Engine 8.4.3Risk Level:5.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Delinea PAM Secret...
Siemens Sinteso EN Cerberus PRO EN Fire Protection Systems denial of service | CVE-2024-22040
NAME__________Siemens Sinteso EN Cerberus PRO EN Fire Protection Systems denial of servicePlatforms Affected:Siemens Cerberus PRO EN Engineering Tool Siemens Cerberus...
