U.S. Feds Shut Down China-Linked “KV-Botnet” Targeting SOHO Routers
The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and...
HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the...
Why the Right Metrics Matter When it Comes to Vulnerability Management
How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics,...
LockBit 3.0 Ransomware Victim: caravanclub[.]co[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
60IndexPage server-side request forgery | CVE-2024-0946
NAME__________60IndexPage server-side request forgeryPlatforms Affected:60IndexPage 60IndexPage 1.8.5 60IndexPage 60IndexPage 1.8.4Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________60IndexPage is vulnerable to server-side request forgery, caused...
REBUILD cross-site scripting | CVE-2024-1020
NAME__________REBUILD cross-site scriptingPlatforms Affected:Rebuild Rebuild 2.8.3Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________REBUILD is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
REBUILD server-side request forgery | CVE-2024-1021
NAME__________REBUILD server-side request forgeryPlatforms Affected:Rebuild Rebuild 2.8.3Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________REBUILD is vulnerable to server-side request forgery, caused by a flaw...
Tenda i6 buffer overflow | CVE-2024-0990
NAME__________Tenda i6 buffer overflowPlatforms Affected:Tenda i6 1.0.0.9(3857)Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda i6 is vulnerable to a stack-based buffer overflow,...
OpenText AppBuilder information disclosure | CVE-2023-4550
NAME__________OpenText AppBuilder information disclosurePlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote attacker to...
OpenText AppBuilder information disclosure | CVE-2023-4552
NAME__________OpenText AppBuilder information disclosurePlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote authenticated attacker...
OpenText AppBuilder command execution | CVE-2023-4551
NAME__________OpenText AppBuilder command executionPlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:7.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote authenticated attacker...
OpenText AppBuilder information disclosure | CVE-2023-4554
NAME__________OpenText AppBuilder information disclosurePlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:4.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote authenticated attacker...
60IndexPage server-side request forgery | CVE-2024-0945
NAME__________60IndexPage server-side request forgeryPlatforms Affected:60IndexPage 60IndexPage 1.8.5 60IndexPage 60IndexPage 1.8.4Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________60IndexPage is vulnerable to server-side request forgery, caused...
eReserv cross-site scripting | CVE-2024-1026
NAME__________eReserv cross-site scriptingPlatforms Affected:Cogites eReserv 7.7.58Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________eReserv is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
OpenText AppBuilder information disclosure | CVE-2023-4553
NAME__________OpenText AppBuilder information disclosurePlatforms Affected:OpenText AppBuilder 21.2 OpenText AppBuilder 23.1Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenText AppBuilder could allow a remote attacker to...
Tenda i6 buffer overflow | CVE-2024-0991
NAME__________Tenda i6 buffer overflowPlatforms Affected:Tenda i6 1.0.0.9(3857)Risk Level:7.2Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda i6 is vulnerable to a stack-based buffer overflow,...
Simple Student Result Management System cross-site scripting | CVE-2024-1022
NAME__________Simple Student Result Management System cross-site scriptingPlatforms Affected:CodeAstro Simple Student Result Management System 5.6Risk Level:2.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Simple Student Result Management...
aio-libs aiohttp HTTP request smuggling | CVE-2024-23829
NAME__________aio-libs aiohttp HTTP request smugglingPlatforms Affected:aio-libs aiohttp 3.9.1Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________aio-libs aiohttp is vulnerable to HTTP request smuggling, caused by...
Facebook News Feed Like cross-site scripting | CVE-2024-1028
NAME__________Facebook News Feed Like cross-site scriptingPlatforms Affected:Sourcecodester Facebook News Feed Like 1.0Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Facebook News Feed Like is vulnerable...
SUPERAntiSpyware Pro denial of service | CVE-2024-0788
NAME__________SUPERAntiSpyware Pro denial of servicePlatforms Affected:SUPERAntiSpyware SUPERAntiSpyware Pro X 10.0.1260Risk Level:5.8Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________SUPERAntiSpyware Pro is vulnerable to a denial...
Facebook News Feed Like file upload | CVE-2024-1027
NAME__________Facebook News Feed Like file uploadPlatforms Affected:Sourcecodester Facebook News Feed Like 1.0Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Facebook News Feed Like could allow...
Emerson Rosemount GC370XA, GC700XA, GC1500XA information disclosure | CVE-2023-43609
NAME__________Emerson Rosemount GC370XA, GC700XA, GC1500XA information disclosurePlatforms Affected:Emerson Rosemount GC370XA Emerson Rosemount GC700XA Emerson Rosemount GC1500XARisk Level:6.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Emerson Rosemount...
OpenBI code execution | CVE-2024-1032
NAME__________OpenBI code executionPlatforms Affected:OpenBI OpenBI 1.0.8 OpenBI OpenBI 1.0.7Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OpenBI could allow a remote attacker to execute arbitrary...
aio-libs aiohttp directory traversal | CVE-2024-23334
NAME__________aio-libs aiohttp directory traversalPlatforms Affected:aio-libs aiohttp 3.9.1Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________aio-libs aiohttp could allow a remote attacker to traverse directories on...
