RedPacket Security - InfoSec News & Tutorials

OpenKM cross-site scripting | CVE-2023-50072

January 29, 2024

NAME__________OpenKM cross-site scriptingPlatforms Affected:OpenKM OpenKM 7.1.40Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OpenKM is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

GitLab Community Edition and Enterprise Edition denial of service | CVE-2023-6159

January 29, 2024

NAME__________GitLab Community Edition and Enterprise Edition denial of servicePlatforms Affected:GitLab Enterprise Edition 16.8.0 GitLab Enterprise Edition 16.7.3 GitLab Enterprise Edition...

rhboot shim denial of service | CVE-2023-40549

January 29, 2024

NAME__________rhboot shim denial of servicePlatforms Affected:rhboot shim 15.7Risk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________rhboot shim is vulnerable to a denial of service,...

rhboot shim information disclsoure | CVE-2023-40550

January 29, 2024

NAME__________rhboot shim information disclsourePlatforms Affected:rhboot shim 15.7Risk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________rhboot shim could allow a remote authenticated attacker to obtain...

MachineSense FeverWarn information disclosure | CVE-2023-49115

January 29, 2024

NAME__________MachineSense FeverWarn information disclosurePlatforms Affected:MachineSense FeverWarn: ESP32 MachineSense FeverWarn: RaspberryPi MachineSense FeverWarn: DataHub RaspberryPiRisk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________MachineSense FeverWarn could allow...

GitLab Community Edition and Enterprise Edition security bypass | CVE-2024-0456

January 29, 2024

NAME__________GitLab Community Edition and Enterprise Edition security bypassPlatforms Affected:GitLab Enterprise Edition 16.8.0 GitLab Enterprise Edition 16.7.3 GitLab Enterprise Edition 16.6.5...

rhboot shim denial of service | CVE-2023-40546

January 29, 2024

rhboot shim denial of service | CVE-2023-40551

January 29, 2024

NAME__________rhboot shim denial of servicePlatforms Affected:rhboot shim 15.7Risk Level:5.1Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________rhboot shim is vulnerable to a denial of service,...

rhboot shim integer overflow | CVE-2023-40548

January 29, 2024

NAME__________rhboot shim integer overflowPlatforms Affected:rhboot shim 15.7Risk Level:4.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________rhboot shim could allow a local attacker to execute arbitrary...

MachineSense FeverWarn information disclosure | CVE-2023-6221

January 29, 2024

NAME__________MachineSense FeverWarn information disclosurePlatforms Affected:MachineSense FeverWarn: ESP32 MachineSense FeverWarn: RaspberryPi MachineSense FeverWarn: DataHub RaspberryPiRisk Level:7.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________MachineSense FeverWarn could allow...

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

January 29, 2024

Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware...

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

January 29, 2024

The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites...

BianLian Ransomware Victim: Shoma group

January 29, 2024

BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Kansas City Public Transportation Authority Hit By Ransomware

January 29, 2024

The Kansas City Area Transportation Authority (KCATA) announced it was targeted by a ransomware attack on Tuesday, January 23. KCATA...

Exploits Released For Critical Jenkins Rce Flaw Patch Now

January 29, 2024

Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly...

CISA: CISA Joins ACSC-led Guidance on How to Use AI Systems Securely

January 29, 2024

CISA Joins ACSC-led Guidance on How to Use AI Systems Securely CISA has collaborated with the Australian Signals Directorate’s Australian...

CISA: CISA Releases Six Industrial Control Systems Advisories

January 29, 2024

CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on January 23, 2024. These...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 29, 2024

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: Apple Releases Security Updates for Multiple Products

January 29, 2024

Apple Releases Security Updates for Multiple Products Apple has released security updates for iOS and iPadOS, macOS, Safari, watchOS, and tvOS....

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 29, 2024

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 29, 2024

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: Cisco Releases Security Advisory for Multiple Unified Communications and Contact Center Solutions Products

January 29, 2024

Cisco Releases Security Advisory for Multiple Unified Communications and Contact Center Solutions Products Cisco released a security advisory to address...

CISA: CISA Releases Two Industrial Control Systems Advisories

January 29, 2024

CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on January 25, 2024. These...

CISA: Guidance: Assembling a Group of Products for SBOM

January 29, 2024

Guidance: Assembling a Group of Products for SBOM Today, CISA published Guidance on Assembling a Group of Products created by the Software...

Main Story

Security Awareness Training that Works for Changing Employee Behavior

Editor’s Picks

Trending Story

Featured Story

You may have missed