CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 19, 2023. These...
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on December 21, 2023. These...
CISA: CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool
CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool CISA has published the finalized Microsoft 365 Secure Configuration Baselines,...
CISA: Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
RansomwareSim – A Simulated Ransomware
Overview RansomwareSim is a simulated ransomware application developed for educational and training purposes. It is designed to demonstrate how ransomware...
Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset
Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and...
Play Ransomware Victim: Madison Capital & WPM & The Time Group
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
5 Ways to Reduce SaaS Security Risks
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security...
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails
A new exploitation technique called Simple Mail Transfer Protocol (SMTP) smuggling can be weaponized by threat actors to send spoofed...
mUPnP for C denial of service | CVE-2023-52152
NAME__________mUPnP for C denial of servicePlatforms Affected:mUPnP mUPnP 3.0.2Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________mUPnP for C is vulnerable to...
Winter CMS cross-site scripting | CVE-2023-52083
NAME__________Winter CMS cross-site scriptingPlatforms Affected:Winter CMS Winter CMS 1.2.3Risk Level:2.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Winter CMS is vulnerable to cross-site scripting, caused by...
Winter CMS local file include | CVE-2023-52085
NAME__________Winter CMS local file includePlatforms Affected:Winter CMS Winter CMS 1.2.3Risk Level:3.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Winter CMS could allow a remote authenticated attacker...
Winter CMS cross-site scripting | CVE-2023-52084
NAME__________Winter CMS cross-site scriptingPlatforms Affected:Winter CMS Winter CMS 1.2.3Risk Level:2.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Winter CMS is vulnerable to cross-site scripting, caused by...
MOXA OnCell G3150A-LTE Series security bypass | CVE-2023-6093
NAME__________MOXA OnCell G3150A-LTE Series security bypassPlatforms Affected:MOXA OnCell G3150A-LTE Series 1.3Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________MOXA OnCell G3150A-LTE Series could allow a...
Cloudflare Miniflare server-side request forgery | CVE-2023-7078
NAME__________Cloudflare Miniflare server-side request forgeryPlatforms Affected:Cloudflare Miniflare 3.20231030.1Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Cloudflare Miniflare is vulnerable to server-side request forgery, caused by...
Cloudflare Wrangler information disclosure | CVE-2023-7079
NAME__________Cloudflare Wrangler information disclosurePlatforms Affected:Cloudflare Wrangler 3.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Cloudflare Wrangler could allow a remote attacker to obtain sensitive information,...
novel-plus cross-site scripting | CVE-2023-7166
NAME__________novel-plus cross-site scriptingPlatforms Affected:Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________novel-plus is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
novel-plus cross-site scripting | CVE-2023-7171
NAME__________novel-plus cross-site scriptingPlatforms Affected:Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________novel-plus is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
Chinese Perpetual Calendar information disclosure | CVE-2023-51006
NAME__________Chinese Perpetual Calendar information disclosurePlatforms Affected:Chinese Perpetual Calendar Chinese Perpetual Calendar 9.0.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Chinese Perpetual Calendar could allow a...
tj-actions verify-changed-files command execution | CVE-2023-52137
NAME__________tj-actions verify-changed-files command executionPlatforms Affected:tj-actions verify-changed-files 16.1.1Risk Level:7.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________tj-actions verify-changed-files could allow a remote authenticated attacker to execute arbitrary...
ffcss security bypass | CVE-2023-52081
NAME__________ffcss security bypassPlatforms Affected:ffcss ffcss 0.1.2Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________ffcss could allow a remote attacker to bypass security restrictions, caused by...
