Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption
The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack...
What is Nudge Security and How Does it Work?
In today's highly distributed workplace, every employee has the ability to act as their own CIO, adopting new cloud and...
Brute Ratel C4 Detected – 52[.]197[.]96[.]6:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Nextcloud Deck cross-site scripting | CVE-2024-22213
NAME__________Nextcloud Deck cross-site scriptingPlatforms Affected:Nextcloud Deck 1.9.0 Nextcloud Deck 1.9.4 Nextcloud Deck 1.10.0 Nextcloud Deck 1.11.0 Nextcloud Deck 1.11.1Risk Level:6.4Exploitability:HighConsequences:Cross-Site...
Nextcloud Server weak security | CVE-2024-22403
NAME__________Nextcloud Server weak securityPlatforms Affected:Nextcloud Nextcloud Server 27.0.0 Nextcloud Nextcloud Enterprise Server 27.0.0Risk Level:3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nextcloud Server could provide weaker...
Nextcloud Guests security bypass | CVE-2024-22402
NAME__________Nextcloud Guests security bypassPlatforms Affected:Nextcloud Guests 2.4.0 Nextcloud Guests 2.5.0 Nextcloud Guests 3.0.0Risk Level:5.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________Nextcloud Guests could allow a remote...
Nextcloud User Saml open redirect | CVE-2024-22400
NAME__________Nextcloud User Saml open redirectPlatforms Affected:Nextcloud User Saml 5.1.4 Nextcloud User Saml 5.2.4 Nextcloud User Saml 6.0.0 Nextcloud User Saml...
Nextcloud Files ZIP information disclosure | CVE-2024-22404
NAME__________Nextcloud Files ZIP information disclosurePlatforms Affected:Nextcloud Files ZIP 1.2.0 Nextcloud Files ZIP 1.4.0Risk Level:4.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Nextcloud Files ZIP could allow...
FreeRDP integer overflow | CVE-2024-22211
NAME__________FreeRDP integer overflowPlatforms Affected:FreeRDP FreeRDP 2.11.4 FreeRDP FreeRDP 3.1.0Risk Level:3.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________FreeRDP could allow a remote attacker to execute arbitrary...
European Chemicals Agency IUCLID code execution | CVE-2024-0770
NAME__________European Chemicals Agency IUCLID code executionPlatforms Affected:European Chemicals Agency IUCLID 7.10.3Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________European Chemicals Agency IUCLID could allow a...
SpyCamLizard denial of service |
NAME__________SpyCamLizard denial of servicePlatforms Affected:SpyCamLizard SpyCamLizard 1.230Risk Level:5.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________SpyCamLizard is vulnerable to a denial of service,...
Nsasoft Product Key Explorer code execution | CVE-2024-0771
NAME__________Nsasoft Product Key Explorer code executionPlatforms Affected:Nsasoft Product Key Explorer 4.0.9Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nsasoft Product Key Explorer could allow a...
Nextcloud Guests security bypass | CVE-2024-22401
NAME__________Nextcloud Guests security bypassPlatforms Affected:Nextcloud Guests 2.4.0 Nextcloud Guests 2.5.0 Nextcloud Guests 3.0.0Risk Level:4.1Exploitability:UnprovenConsequences:Other DESCRIPTION__________Nextcloud Guests could allow a remote...
MiniWeb HTTP Server denial of service |
NAME__________MiniWeb HTTP Server denial of servicePlatforms Affected:MiniWeb HTTP Server 0.8.1Risk Level:5.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________MiniWeb HTTP Server is vulnerable...
D-Link DIR-859 directory traversal | CVE-2024-0769
NAME__________D-Link DIR-859 directory traversalPlatforms Affected:D-Link DIR-859 1.06B01Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________D-Link DIR-859 could allow a remote attacker to traverse directories on...
CodeAstro Internet Banking System cross-site scripting | CVE-2024-0773
NAME__________CodeAstro Internet Banking System cross-site scriptingPlatforms Affected:CodeAstro Internet Banking System 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CodeAstro Internet Banking System is vulnerable to...
LinZhaoguan pb-cms cross-site scripting | CVE-2024-0776
NAME__________LinZhaoguan pb-cms cross-site scriptingPlatforms Affected:LinZhaoguan pb-cms 2.0 LinZhaoguan pb-cms 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________LinZhaoguan pb-cms is vulnerable to cross-site scripting, caused...
Nsasoft ShareAlarmPro code execution | CVE-2024-0772
NAME__________Nsasoft ShareAlarmPro code executionPlatforms Affected:Nsasoft ShareAlarmPro 2.1.4Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nsasoft ShareAlarmPro could allow a remote attacker to execute arbitrary code...
Westermo Lynx 206-F2G cross-site scripting | CVE-2023-45222
NAME__________Westermo Lynx 206-F2G cross-site scriptingPlatforms Affected:Westermo Lynx 206-F2G 4.24Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Westermo Lynx 206-F2G is vulnerable to cross-site scripting, caused...
Spoon weak security | CVE-2024-23453
NAME__________Spoon weak securityPlatforms Affected:Spoonradio.co Spoon 7.11.1 Spoonradio.co Spoon 8.6.0Risk Level:4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Spoon could provide weaker than expected security, caused by...
CodeAstro Online Railway Reservation System cross-site scripting | CVE-2024-0782
NAME__________CodeAstro Online Railway Reservation System cross-site scriptingPlatforms Affected:CodeAstro Online Railway Reservation System 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CodeAstro Online Railway Reservation System...
Orthanc Osimis DICOM Web Viewer cross-site scripting | CVE-2023-7238
NAME__________Orthanc Osimis DICOM Web Viewer cross-site scriptingPlatforms Affected:Orthanc Osimis DICOM Web Viewer 1.4.2.0-9d9eff4Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Orthanc Osimis DICOM Web Viewer...
biantaibao octopus SQL injection | CVE-2024-0784
NAME__________biantaibao octopus SQL injectionPlatforms Affected:biantaibao octopus 1.0Risk Level:6.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________biantaibao octopus is vulnerable to SQL injection. A remote attacker could...
CodeAstro Internet Banking System open redirect | CVE-2024-0781
NAME__________CodeAstro Internet Banking System open redirectPlatforms Affected:CodeAstro Internet Banking System 1.0Risk Level:6.5Exploitability:UnprovenConsequences:Other DESCRIPTION__________CodeAstro Internet Banking System could allow a remote...
