Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have...
Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers
Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data...
CISA: NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors
NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors Today, the U.S. National Security Agency (NSA), Federal...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on September 26, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Mozilla Releases Security Advisories for Thunderbird and Firefox
Mozilla Releases Security Advisories for Thunderbird and Firefox Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on September 28, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Mozilla Releases Security Updates for Multiple Products
Mozilla Releases Security Updates for Multiple Products Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR,...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. A cyber...
US-CERT Vulnerability Summary for the Week of September 25, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoaccusoft -- imagegearAn out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of...
Nodesub – Command-Line Tool For Finding Subdomains In Bug Bounty Programs
Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides...
LockBit 3.0 Ransomware Victim: aicsacorp[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HashiCorp Vault and Vault Enterprise security bypass | CVE-2023-5077
NAME__________HashiCorp Vault and Vault Enterprise security bypassPlatforms Affected:HashiCorp Vault 1.12.0 HashiCorp Vault Enterprise 1.12.0Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________HashiCorp Vault and Vault...
Online Movie Ticket Booking System cross-site scripting | CVE-2023-44174
NAME__________Online Movie Ticket Booking System cross-site scriptingPlatforms Affected:Projectworlds Online Movie Ticket Booking System 1.0Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Online Movie Ticket Booking...
Dell Data Protection Central information disclosure | CVE-2023-4129
NAME__________Dell Data Protection Central information disclosurePlatforms Affected:Dell Data Protection Central 19.9Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell Data Protection Central could allow a...
Dell EMC AppSync privilege escalation | CVE-2023-32458
NAME__________Dell EMC AppSync privilege escalationPlatforms Affected:Dell EMC AppSync 4.4.0.0 Dell EMC AppSync 4.6.0.0Risk Level:7.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Dell EMC AppSync could allow...
Online Movie Ticket Booking System cross-site scripting | CVE-2023-44173
NAME__________Online Movie Ticket Booking System cross-site scriptingPlatforms Affected:Projectworlds Online Movie Ticket Booking System 1.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Online Movie Ticket Booking...
PostCSS security bypass | CVE-2023-44270
NAME__________PostCSS security bypassPlatforms Affected:PostCSS PostCSS 8.4.30Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________PostCSS could allow a remote attacker to bypass security restrictions, caused by...
Online Banquet Booking System cross-site scripting | CVE-2023-5303
NAME__________Online Banquet Booking System cross-site scriptingPlatforms Affected:PHPGurukul Online Banquet Booking System 1.0Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Online Banquet Booking System is vulnerable...
phpMyFAQ cross-site scripting | CVE-2023-5316
NAME__________phpMyFAQ cross-site scriptingPlatforms Affected:phpMyFAQ phpMyFAQ 2.9.0 phpMyFAQ phpMyFAQ 2.9.6 phpMyFAQ phpMyFAQ 2.9.8 phpMyFAQ phpMyFAQ 2.9.9 phpMyFAQ phpMyFAQ 2.9.10 phpMyFAQ phpMyFAQ...
PDF-XChange Editor code execution | CVE-2023-42108
NAME__________PDF-XChange Editor code executionPlatforms Affected:Tracker Software PDF-XChange EditorRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to execute arbitrary...
