RedPacket Security - InfoSec News & Tutorials

IBM Integration Bus for z/OS denial of service | CVE-2024-22332

February 9, 2024

NAME__________IBM Integration Bus for z/OS denial of servicePlatforms Affected:IBM Integration Bus for z/OS 10.1 IBM Integration Bus for z/OS 10.1.0.2Risk...

JetBrains Toolbox App denial of service | CVE-2024-24943

February 9, 2024

NAME__________JetBrains Toolbox App denial of servicePlatforms Affected:JetBrains Toolbox App 2.2Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________JetBrains Toolbox App is vulnerable to a...

JetBrains TeamCity weak security | CVE-2024-24936

February 9, 2024

NAME__________JetBrains TeamCity weak securityPlatforms Affected:Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________JetBrains TeamCity could provide weaker than expected security, caused by a lack of...

JetBrains Rider information disclosure | CVE-2024-24939

February 9, 2024

NAME__________JetBrains Rider information disclosurePlatforms Affected:JetBrains Rider 2023.3.2Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________JetBrains Rider could allow a local authenticated attacker to obtain sensitive...

JetBrains TeamCity directory traversal | CVE-2024-24938

February 9, 2024

NAME__________JetBrains TeamCity directory traversalPlatforms Affected:JetBrains TeamCity 2023.11.1Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________JetBrains TeamCity could allow a remote attacker to traverse directories on...

GitLab denial of service | CVE-2024-1066

February 9, 2024

NAME__________GitLab denial of servicePlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab...

Qolsys IQ Panel 4 and Qolsys IQ4 Hub information disclosure | CVE-2024-0242

February 9, 2024

NAME__________Qolsys IQ Panel 4 and Qolsys IQ4 Hub information disclosurePlatforms Affected:Qolsys IQ Panel 4 4.4.1 Qolsys IQ4 Hub 4.4.1Risk Level:7.3Exploitability:UnprovenConsequences:Obtain...

IBM Sterling B2B Integrator denial of service | CVE-2023-32341

February 9, 2024

NAME__________IBM Sterling B2B Integrator denial of servicePlatforms Affected:IBM Sterling B2B Integrator 6.0.0.0 IBM Sterling B2B Integrator 6.1.0.0 IBM Sterling B2B...

Apache bRPC HTTP request smuggling | CVE-2024-23452

February 9, 2024

NAME__________Apache bRPC HTTP request smugglingPlatforms Affected:Apache bRPC 1.0.0 Apache bRPC 1.1.0 Apache bRPC 1.2.0 Apache bRPC 1.3.0 Apache bRPC 1.4.0...

GitLab security bypass | CVE-2024-6840

February 9, 2024

NAME__________GitLab security bypassPlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab GitLab...

IBM Engineering Lifecycle Optimization – Publishing session fixation | CVE-2023-45187

February 9, 2024

NAME__________IBM Engineering Lifecycle Optimization - Publishing session fixationPlatforms Affected:IBM Engineering Lifecycle Optimization Publishing 7.0.2 IBM Engineering Lifecycle Optimization Publishing 7.0.3Risk...

GitLab privilege escalation | CVE-2024-1250

February 9, 2024

NAME__________GitLab privilege escalationPlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab GitLab...

GitLab denial of service | CVE-2024-6386

February 9, 2024

NAME__________GitLab denial of servicePlatforms Affected:GitLab GitLab 16.8.1 Community Edition GitLab GitLab 16.8.1 Enterprise Edition GitLab GitLab 16.7.4 Enterprise Edition GitLab...

IBM Engineering Lifecycle Optimization HTTP header injection | CVE-2023-45190

February 9, 2024

NAME__________IBM Engineering Lifecycle Optimization HTTP header injectionPlatforms Affected:IBM Engineering Lifecycle Optimization Publishing 7.0.2 IBM Engineering Lifecycle Optimization Publishing 7.0.3Risk Level:5.1Exploitability:UnprovenConsequences:Gain...

Dell EMC AppSync information disclosure | CVE-2024-22464

February 9, 2024

NAME__________Dell EMC AppSync information disclosurePlatforms Affected:Dell EMC AppSync 4.2.0.0 Dell EMC AppSync 4.6.0.1Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell EMC AppSync could allow...

Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity

February 9, 2024

Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall...

Stealthy Zardoor Backdoor Targets Saudi Islamic Charity Organizations

February 9, 2024

An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed...

Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active Exploitation

February 9, 2024

Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in...

CACTUS Ransomware Victim: https://www[.]parksite[.]com/

February 9, 2024

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

BianLian Ransomware Victim: Northeast Spine and Sports Medicine’s

February 9, 2024

BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Authentication Bypass Vulnerability in Ivanti Products

February 9, 2024

Ivanti has released security updates to address a vulnerability (CVE-2024-22024) affecting Connect Secure, Policy Secure, and ZTA gateways. Successful exploitation...

Active Exploitation of Critical Vulnerability in FortiOS

February 9, 2024

Fortinet has released updates addressing a critical vulnerability (CVE-2024-21762) in FortiOS. The vulnerability has a Common Vulnerability Scoring System (CVSS)...

Fake Lastpass Password Manager Spotted On Apples App Store

February 9, 2024

LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used...

Data Breaches At Viamedis And Almerys Impact 33 Million In France

February 9, 2024

Data breaches at two French healthcare payment service providers, Viamedis and Almerys, have now been determined to impact over 33...

Main Story

Security Awareness Training that Works for Changing Employee Behavior

Editor’s Picks

Trending Story

Featured Story

You may have missed