CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on January 25, 2024. These...
CISA: Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series
Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series Juniper Networks released a security...
BlackCat/ALPHV Ransomware Victim: Dutton Brock
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
US-CERT Vulnerability Summary for the Week of January 22, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
HackerOne Bug Bounty Disclosure: b-argo-cd-csrf-leads-to-kubernetes-cluster-compromise-b-tint
Company Name: b'Internet Bug Bounty' Company HackerOne URL: https://hackerone.com/ibb Submitted By:b'tint0'Link to Submitters Profile:https://hackerone.com/b'tint0' Report Title:b'Argo CD CSRF leads to...
HackerOne Bug Bounty Disclosure: b-xss-on-terra-indriverapp-com-b-maxdha
Company Name: b'inDrive' Company HackerOne URL: https://hackerone.com/indrive Submitted By:b'maxdha'Link to Submitters Profile:https://hackerone.com/b'maxdha' Report Title:b'XSS on terra-6.indriverapp.com'Report Link:https://hackerone.com/reports/1969696Date Submitted:29 January 2024...
HackerOne Bug Bounty Disclosure: b-html-injection-in-event-description-b-khaledx
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'khaledx'Link to Submitters Profile:https://hackerone.com/b'khaledx' Report Title:b'Html injection in event Description 'Report Link:https://hackerone.com/reports/2215418Date...
HackerOne Bug Bounty Disclosure: b-pickle-deserialization-vulnerability-in-xcoms-b-zpbrent
Company Name: b'Internet Bug Bounty' Company HackerOne URL: https://hackerone.com/ibb Submitted By:b'zpbrent'Link to Submitters Profile:https://hackerone.com/b'zpbrent' Report Title:b'Pickle deserialization vulnerability in XComs'Report...
CISA: Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series
Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series Juniper Networks released a security...
Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2...
Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare...
Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard...
493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar
In today's digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service...
Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injection | CVE-2024-22380
NAME__________Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injectionPlatforms Affected:Japanese Ministry of Agriculture Forestry and...
Flexbyte Software Solar FTP Server denial of service |
NAME__________Flexbyte Software Solar FTP Server denial of servicePlatforms Affected:Flexbyte Software Solar FTP Server 2.1.2Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Flexbyte...
GitLab Community Edition and Enterprise Edition security bypass | CVE-2023-5933
NAME__________GitLab Community Edition and Enterprise Edition security bypassPlatforms Affected:GitLab Enterprise Edition 16.8.0 GitLab Enterprise Edition 16.7.3 GitLab Enterprise Edition 16.6.5...
Juniper Networks Junos OS information disclosure | CVE-2024-21619
NAME__________Juniper Networks Junos OS information disclosurePlatforms Affected:Juniper Networks Junos OS 21.2 Juniper Networks Junos OS 21.3 Juniper Networks Junos OS...
Gabriels FTP Server denial of service |
NAME__________Gabriels FTP Server denial of servicePlatforms Affected:Gabriels FTP Server 1.2Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Gabriels FTP Server is vulnerable...
Open Social module for Drupal information disclosure |
NAME__________Open Social module for Drupal information disclosurePlatforms Affected:Drupal Open Social module for Drupal 12.04Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Open Social module for...
Employee Management System SQL injection |
NAME__________Employee Management System SQL injectionPlatforms Affected:Sourcecodester Employee Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Employee Management System is vulnerable to SQL injection....
Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injection | CVE-2024-21796
NAME__________Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injectionPlatforms Affected:Japanese Ministry of Agriculture Forestry and...
OpenSSL denial of service | CVE-2024-0727
NAME__________OpenSSL denial of servicePlatforms Affected:OpenSSL OpenSSL 1.1.1 OpenSSL OpenSSL 1.0.2 OpenSSL OpenSSL 3.0.0 OpenSSL OpenSSL 3.1.0 OpenSSL OpenSSL 3.2.0Risk Level:3.1Exploitability:UnprovenConsequences:Denial...
Swift Mailer module for Drupal security bypass |
NAME__________Swift Mailer module for Drupal security bypassPlatforms Affected:Drupal Swift Mailer module for DrupalRisk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Swift Mailer module for Drupal...
GitLab Community Edition and Enterprise Edition information disclosure | CVE-2023-5612
NAME__________GitLab Community Edition and Enterprise Edition information disclosurePlatforms Affected:GitLab Enterprise Edition 16.8.0 GitLab Enterprise Edition 16.7.3 GitLab Enterprise Edition 16.6.5...
