IBM Storage Protect Plus Server improper access control | CVE-2023-47715
NAME__________IBM Storage Protect Plus Server improper access controlPlatforms Affected:IBM Storage Protect Plus Server 10.1.0 IBM Storage Protect Plus Server 10.1.16Risk...
Apache Commons Configuration code execution | CVE-2024-29131
NAME__________Apache Commons Configuration code executionPlatforms Affected:Apache Software Foundation Apache Commons Configuration 2.0Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Commons Configuration could allow a...
OneBlog cross-site scripting | CVE-2024-29473
NAME__________OneBlog cross-site scriptingPlatforms Affected:OneBlog OneBlog 2.3.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OneBlog is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
IBM Storage Protect Plus Server information disclosure | CVE-2024-27277
NAME__________IBM Storage Protect Plus Server information disclosurePlatforms Affected:IBM Storage Protect Plus Server 10.1.0 IBM Storage Protect Plus Server 10.1.16Risk Level:6.2Exploitability:UnprovenConsequences:Obtain...
OneBlog cross-site scripting | CVE-2024-29474
NAME__________OneBlog cross-site scriptingPlatforms Affected:OneBlog OneBlog 2.3.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OneBlog is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Tenda AC10U buffer overflow | CVE-2024-2711
NAME__________Tenda AC10U buffer overflowPlatforms Affected:Tenda AC10U 15.03.06.48Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda AC10U is vulnerable to a stack-based buffer overflow,...
Progress Telerik code execution | CVE-2024-1801
NAME__________Progress Telerik code executionPlatforms Affected:Progress Telerik Reporting 2024 Q1Risk Level:7.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Progress Telerik Reporting could allow a remote authenticated attacker...
Campcodes Online Beauty Parlor Management System SQL injection | CVE-2024-2667
NAME__________Campcodes Online Beauty Parlor Management System SQL injectionPlatforms Affected:Campcodes Complete Online Beauty Parlor Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Campcodes Online...
Tenda AC10U buffer overflow | CVE-2024-2764
NAME__________Tenda AC10U buffer overflowPlatforms Affected:Tenda AC10U 15.03.06.48Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda AC10U is vulnerable to a stack-based buffer overflow,...
Tenda AC10U buffer overflow | CVE-2024-2710
NAME__________Tenda AC10U buffer overflowPlatforms Affected:Tenda AC10U 15.03.06.48Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda AC10U is vulnerable to a stack-based buffer overflow,...
Advantech WebAccess/SCADA SQL injection | CVE-2024-2453
NAME__________Advantech WebAccess/SCADA SQL injectionPlatforms Affected:Advantech WebAccess/SCADA 9.1.5URisk Level:6.4Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Advantech WebAccess/SCADA is vulnerable to SQL injection. A remote authenticated attacker...
SolarEdge mySolarEdge man-in-the-middle | CVE-2024-28756
NAME__________SolarEdge mySolarEdge man-in-the-middlePlatforms Affected:SolarEdge MySolarEdge android app 2.20Risk Level:5.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________SolarEdge mySolarEdge is vulnerable to a man-in-the-middle attack, caused by...
ChirpStack chirpstack-mqtt-forwarder and chirpstack-gateway-bridge weak security | CVE-2024-29862
NAME__________ChirpStack chirpstack-mqtt-forwarder and chirpstack-gateway-bridge weak securityPlatforms Affected:ChirpStack chirpstack-mqtt-forwarder 4.2.0 ChirpStack chirpstack-gateway-bridge 4.0.10Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ChirpStack chirpstack-mqtt-forwarder and chirpstack-gateway-bridge could provide...
Apache Doris security bypass | CVE-2024-26307
NAME__________Apache Doris security bypassPlatforms Affected:Apache Software Foundation Apache Doris 1.2.0Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apache Doris could allow a remote attacker to...
Campcodes Online Beauty Parlor Management System SQL injection | CVE-2024-2666
NAME__________Campcodes Online Beauty Parlor Management System SQL injectionPlatforms Affected:Campcodes Complete Online Beauty Parlor Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Campcodes Online...
Apache Doris command execution | CVE-2024-27438
NAME__________Apache Doris command executionPlatforms Affected:Apache Software Foundation Apache Doris 1.2.0Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Doris could allow a remote authenticated attacker...
Active Exploitation of Critical Vulnerability in JetBrains TeamCity On-Premises
JetBrains has released updates addressing a critical vulnerability (CVE-2024-27198) affecting JetBrains TeamCity On-Premises. The vulnerability is reportedly being actively exploited and...
BianLian Ransomware Victim: Mayer Antonellis Jachowicz & Haranas, LLP
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Ivanti Fixes Critical Standalone Sentry Bug Reported By Nato
Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers. Standalone...
Flipper Zero Makers Respond To Canadas Harmful Ban Proposal
The makers of Flipper Zero have responded to the Canadian government's plan to ban the device in the country, arguing...
Spa Grand Prix Email Account Hacked To Phish Banking Info From Fans
Hackers hijacked the official contact email for the Belgian Grand Prix event and used it to lure fans to a...
New Loop Dos Attack May Impact Up To 300 000 Online Systems
A new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols can pair network services into an indefinite communication loop that creates large...
Githubs New Ai Powered Tool Auto Fixes Vulnerabilities In Your Code
GitHub introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding. This feature is in public beta...
Exploit Released For Fortinet Rce Bug Used In Attacks Patch Now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software,...
