Microsoft Takes Legal Action to Crack Down on Storm-1152’s Cybercrime Network
Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that...
Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
Threat actors affiliated with the Russian Foreign Intelligence Service (SVR) have targeted unpatched JetBrains TeamCity servers in widespread attacks since...
Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders
The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to...
Siemens User Management Component denial of service | CVE-2023-46285
NAME__________Siemens User Management Component denial of servicePlatforms Affected:Siemens TIA Portal 14 Siemens TIA Portal 16 Siemens Opcenter Quality Siemens SINUMERIK...
Fortinet FortiADC information disclosure | CVE-2023-41673
NAME__________Fortinet FortiADC information disclosurePlatforms Affected:Fortinet FortiADC 7.0.2 Fortinet FortiADC 7.0.0 Fortinet FortiADC 6.2.4 Fortinet FortiADC 7.1.0Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Fortinet FortiADC...
IBM System Storage Virtualization Engine information disclosure | CVE-2023-49877
NAME__________IBM System Storage Virtualization Engine information disclosurePlatforms Affected:IBM Virtualization Engine TS7700 3957-VEC 8.52.103.23 IBM Virtualization Engine TS7700 3957-VED 8.52.103.23 IBM...
IBM Spectrum Scale information disclosure | CVE-2022-43843
NAME__________IBM Spectrum Scale information disclosurePlatforms Affected:IBM Spectrum Scale 5.1.5.1 IBM Spectrum Scale 5.1.5.0Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Spectrum Scale 5.1.5.0 through...
GaatiTrack Courier Management System cross-site scripting | CVE-2023-48206
NAME__________GaatiTrack Courier Management System cross-site scriptingPlatforms Affected:GaatiTrack Courier Management System 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GaatiTrack Courier Management System is vulnerable to...
Xen Server information disclosure | CVE-2023-46837
NAME__________Xen Server information disclosurePlatforms Affected:Xensource Xen 4.16 XenSource Xen 4.17Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Xen Server could allow a local authenticated attacker...
IBM System Storage Virtualization Engine | CVE-2023-49878
NAME__________IBM System Storage Virtualization EnginePlatforms Affected:IBM Virtualization Engine TS7700 3957-VEC 8.52.103.23 IBM Virtualization Engine TS7700 3957-VED 8.52.103.23 IBM Virtualization Engine...
Fortinet FortiOS and Fortinet FortiProxy security bypass | CVE-2023-47536
NAME__________Fortinet FortiOS and Fortinet FortiProxy security bypassPlatforms Affected:Fortinet FortiOS 6.0.0 Fortinet FortiOS 6.2.0 Fortinet FortiOS 6.4.0 Fortinet FortiProxy 2.0.0 Fortinet...
Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows privilege escalation | CVE-2023-43586
NAME__________Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows privilege escalationPlatforms Affected:Zoom VDI Client...
Siemens SINEC INS denial of service | CVE-2023-48430
NAME__________Siemens SINEC INS denial of servicePlatforms Affected:Siemens SINEC INS 1.0 SP2 Siemens SINEC INS 1.0Risk Level:2.7Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Siemens SINEC...
Adobe Experience Manager cross-site scripting | CVE-2023-48452
NAME__________Adobe Experience Manager cross-site scriptingPlatforms Affected:Adobe Experience Manager Cloud Service (CS) Adobe Experience Manager 6.5.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Adobe Experience Manager...
Siemens SINEC INS denial of service | CVE-2023-48429
NAME__________Siemens SINEC INS denial of servicePlatforms Affected:Siemens SINEC INS 1.0 SP2 Siemens SINEC INS 1.0Risk Level:2.7Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Siemens SINEC...
Siemens User Management Component security bypass | CVE-2023-46281
NAME__________Siemens User Management Component security bypassPlatforms Affected:Siemens TIA Portal 14 Siemens TIA Portal 16 Siemens Opcenter Quality Siemens SINUMERIK Integrate...
Adobe Experience Manager cross-site scripting | CVE-2023-48480
NAME__________Adobe Experience Manager cross-site scriptingPlatforms Affected:Adobe Experience Manager Cloud Service (CS) Adobe Experience Manager 6.5.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Adobe Experience Manager...
Adobe Experience Manager cross-site scripting | CVE-2023-48446
NAME__________Adobe Experience Manager cross-site scriptingPlatforms Affected:Adobe Experience Manager Cloud Service (CS) Adobe Experience Manager 6.5.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Adobe Experience Manager...
Adobe Experience Manager cross-site scripting | CVE-2023-48481
NAME__________Adobe Experience Manager cross-site scriptingPlatforms Affected:Adobe Experience Manager Cloud Service (CS) Adobe Experience Manager 6.5.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Adobe Experience Manager...
Adobe Experience Manager cross-site scripting | CVE-2023-48458
NAME__________Adobe Experience Manager cross-site scriptingPlatforms Affected:Adobe Experience Manager Cloud Service (CS) Adobe Experience Manager 6.5.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Adobe Experience Manager...
Adobe Experience Manager cross-site scripting | CVE-2023-48443
NAME__________Adobe Experience Manager cross-site scriptingPlatforms Affected:Adobe Experience Manager Cloud Service (CS) Adobe Experience Manager 6.5.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Adobe Experience Manager...
Adobe Substance 3D Sampler code execution | CVE-2023-48629
NAME__________Adobe Substance 3D Sampler code executionPlatforms Affected:Adobe Substance 3D Sampler 4.2.1Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Adobe Substance 3D Sampler could allow a...
Adobe Experience Manager cross-site scripting | CVE-2023-48459
NAME__________Adobe Experience Manager cross-site scriptingPlatforms Affected:Adobe Experience Manager Cloud Service (CS) Adobe Experience Manager 6.5.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Adobe Experience Manager...
Adobe After Effects information disclosure | CVE-2023-48635
NAME__________Adobe After Effects information disclosurePlatforms Affected:Adobe After Effects 24.0.3 Adobe After Effects 23.6.0Risk Level:3.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Adobe After Effects could allow...
