CISA: Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
RansomwareSim – A Simulated Ransomware
Overview RansomwareSim is a simulated ransomware application developed for educational and training purposes. It is designed to demonstrate how ransomware...
Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset
Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and...
Play Ransomware Victim: Madison Capital & WPM & The Time Group
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
5 Ways to Reduce SaaS Security Risks
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security...
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails
A new exploitation technique called Simple Mail Transfer Protocol (SMTP) smuggling can be weaponized by threat actors to send spoofed...
mUPnP for C denial of service | CVE-2023-52152
NAME__________mUPnP for C denial of servicePlatforms Affected:mUPnP mUPnP 3.0.2Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________mUPnP for C is vulnerable to...
Winter CMS cross-site scripting | CVE-2023-52083
NAME__________Winter CMS cross-site scriptingPlatforms Affected:Winter CMS Winter CMS 1.2.3Risk Level:2.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Winter CMS is vulnerable to cross-site scripting, caused by...
Winter CMS local file include | CVE-2023-52085
NAME__________Winter CMS local file includePlatforms Affected:Winter CMS Winter CMS 1.2.3Risk Level:3.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Winter CMS could allow a remote authenticated attacker...
Winter CMS cross-site scripting | CVE-2023-52084
NAME__________Winter CMS cross-site scriptingPlatforms Affected:Winter CMS Winter CMS 1.2.3Risk Level:2.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Winter CMS is vulnerable to cross-site scripting, caused by...
MOXA OnCell G3150A-LTE Series security bypass | CVE-2023-6093
NAME__________MOXA OnCell G3150A-LTE Series security bypassPlatforms Affected:MOXA OnCell G3150A-LTE Series 1.3Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________MOXA OnCell G3150A-LTE Series could allow a...
Cloudflare Miniflare server-side request forgery | CVE-2023-7078
NAME__________Cloudflare Miniflare server-side request forgeryPlatforms Affected:Cloudflare Miniflare 3.20231030.1Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Cloudflare Miniflare is vulnerable to server-side request forgery, caused by...
Cloudflare Wrangler information disclosure | CVE-2023-7079
NAME__________Cloudflare Wrangler information disclosurePlatforms Affected:Cloudflare Wrangler 3.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Cloudflare Wrangler could allow a remote attacker to obtain sensitive information,...
novel-plus cross-site scripting | CVE-2023-7166
NAME__________novel-plus cross-site scriptingPlatforms Affected:Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________novel-plus is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
novel-plus cross-site scripting | CVE-2023-7171
NAME__________novel-plus cross-site scriptingPlatforms Affected:Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________novel-plus is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
Chinese Perpetual Calendar information disclosure | CVE-2023-51006
NAME__________Chinese Perpetual Calendar information disclosurePlatforms Affected:Chinese Perpetual Calendar Chinese Perpetual Calendar 9.0.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Chinese Perpetual Calendar could allow a...
tj-actions verify-changed-files command execution | CVE-2023-52137
NAME__________tj-actions verify-changed-files command executionPlatforms Affected:tj-actions verify-changed-files 16.1.1Risk Level:7.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________tj-actions verify-changed-files could allow a remote authenticated attacker to execute arbitrary...
ffcss security bypass | CVE-2023-52081
NAME__________ffcss security bypassPlatforms Affected:ffcss ffcss 0.1.2Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________ffcss could allow a remote attacker to bypass security restrictions, caused by...
Hail security bypass | CVE-2023-51663
NAME__________Hail security bypassPlatforms Affected:Hail Hail 0.2.126Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Hail could allow a remote attacker to bypass security restrictions, caused by...
Libsystem SQL injection | CVE-2023-7177
NAME__________Libsystem SQL injectionPlatforms Affected:Campcodes Online College Library System 1.0Risk Level:4.7Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Libsystem is vulnerable to SQL injection. A remote authenticated...
WooCommerce Payments Plugin for WordPress information disclosure | CVE-2023-51503
NAME__________WooCommerce Payments Plugin for WordPress information disclosurePlatforms Affected:WordPress WooCommerce Payments plugin for WordPress 6.6.2Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________WooCommerce Payments Plugin for...
S-CMS /member/ad.php?action=ad SQL injection | CVE-2023-7190
NAME__________S-CMS /member/ad.php?action=ad SQL injectionPlatforms Affected:S-CMS S-CMS 2.0_build20220529-20231006Risk Level:5.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________S-CMS is vulnerable to SQL injection. A remote authenticated attacker could...
GPT3 AI Content Writer Plugin for WordPress information disclosure | CVE-2023-51527
NAME__________GPT3 AI Content Writer Plugin for WordPress information disclosurePlatforms Affected:WordPress GPT3 AI Content Writer Plugin for WordPress 1.8.2Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access...
