CISA: VMware Releases Security Advisory for vCenter Server
VMware Releases Security Advisory for vCenter Server VMware released a security advisory for a vulnerability (CVE-2023-34048) affecting the VMware vCenter...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on October 26, 2023. These...
US-CERT Vulnerability Summary for the Week of October 16, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformAffected 1E Platform versions have a Blind SQL Injection vulnerability...
PathFinder – Tool That Provides Information About A Website
Web Path Finder is a Python program that provides information about a website. It retrieves various details such as page...
Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw
Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw...
iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs
A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and...
HackerOne Bug Bounty Disclosure: b-flickr-api-key-leaked-in-github-commit-b-m-y-nk
Company Name: b'Mozilla Core Services' Company HackerOne URL: https://hackerone.com/mozilla_core_services Submitted By:b'm4y4nk'Link to Submitters Profile:https://hackerone.com/b'm4y4nk' Report Title:b'Flickr API key leaked in...
HackerOne Bug Bounty Disclosure: b-rce-on-ingress-nginx-controller-via-ingress-spec-rules-http-paths-path-field-b-ginoah
Company Name: b'Kubernetes' Company HackerOne URL: https://hackerone.com/kubernetes Submitted By:b'ginoah'Link to Submitters Profile:https://hackerone.com/b'ginoah' Report Title:b'RCE on ingress-nginx-controller via Ingress spec.rules.http.paths.path field'Report...
CISA: Apple Releases Security Advisories for Multiple Products
Apple Releases Security Advisories for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. A cyber...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on October 26, 2023. These...
Play Ransomware Victim: Laiho Group
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a...
The Danger of Forgotten Pixels on Websites: A New Case Study
While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and...
Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data
Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest...
Aruba Networks ClearPass Policy Manager SQL injection | CVE-2023-43507
NAME__________Aruba Networks ClearPass Policy Manager SQL injectionPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Aruba Networks ClearPass Policy Manager is vulnerable to SQL injection....
Aruba Networks ClearPass Policy Manager open redirect | CVE-2023-43509
NAME__________Aruba Networks ClearPass Policy Manager open redirectPlatforms Affected:Risk Level:5.8Exploitability:UnprovenConsequences:Other DESCRIPTION__________Aruba Networks ClearPass Policy Manager could allow a remote attacker to...
Aruba Networks ClearPass Policy Manager command execution | CVE-2023-43510
NAME__________Aruba Networks ClearPass Policy Manager command executionPlatforms Affected:Risk Level:4.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Aruba Networks ClearPass Policy Manager could allow a remote authenticated...
Aruba Networks ClearPass Policy Manager privilege escalation | CVE-2023-43506
NAME__________Aruba Networks ClearPass Policy Manager privilege escalationPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Aruba Networks ClearPass Policy Manager could allow a local authenticated...
Aruba Networks ClearPass Policy Manager privilege escalation | CVE-2023-43508
NAME__________Aruba Networks ClearPass Policy Manager privilege escalationPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Aruba Networks ClearPass Policy Manager could allow a remote authenticated...
Apple macOS Sonoma spoofing | CVE-2023-42438
NAME__________Apple macOS Sonoma spoofingPlatforms Affected:Apple macOS Sonoma 14.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apple macOS Sonoma could allow a remote attacker to conduct...
Auto Amazon Links Plugin for WordPress cross-site scripting | CVE-2023-4482
NAME__________Auto Amazon Links Plugin for WordPress cross-site scriptingPlatforms Affected:Zenario ZenarioCMS 9.4.59197Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Auto Amazon Links Plugin for WordPress is...
Apple macOS Monterey privilege escalation | CVE-2023-40423
NAME__________Apple macOS Monterey privilege escalationPlatforms Affected:Apple macOS Monterey 12.7.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Apple macOS Monterey could allow a local attacker to...
Apple macOS Sonoma information disclosure | CVE-2023-40405
NAME__________Apple macOS Sonoma information disclosurePlatforms Affected:Apple macOS Sonoma 14.0Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apple macOS Sonoma could allow a local attacker to...
Apple macOS Monterey code execution | CVE-2023-42856
NAME__________Apple macOS Monterey code executionPlatforms Affected:Apple macOS Monterey 12.7.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apple macOS Monterey could allow a remote attacker to...
