Microsoft Windows TCP/IP denial of service | CVE-2023-36603
NAME__________Microsoft Windows TCP/IP denial of servicePlatforms Affected:Microsoft Windows Server 2019 Microsoft Windows 10 1809 for x64-based Systems Microsoft Windows 10...
SAP S/4HANA Core information disclosure | CVE-2023-42475
NAME__________SAP S/4HANA Core information disclosurePlatforms Affected:SAP S/4Hana Core S4CORE 102 SAP S/4Hana Core S4CORE 103 SAP S/4Hana Core S4CORE 104...
Lenovo Desktop, Smart Edge and ThinkStation products privilege escalation | CVE-2023-45076
NAME__________Lenovo Desktop, Smart Edge and ThinkStation products privilege escalationPlatforms Affected:Lenovo ThinkStation Lenovo Desktop Lenovo Smart EdgeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo Desktop,...
Apache Airflow information disclosure | CVE-2023-45348
NAME__________Apache Airflow information disclosurePlatforms Affected:Apache Airflow 2.7.1Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Airflow could allow a remote authenticated attacker to obtain sensitive...
Sante DICOM Viewer Pro buffer overflow | CVE-2023-35986
NAME__________Sante DICOM Viewer Pro buffer overflowPlatforms Affected:Santesoft Sante DICOM Viewer 12.2.5Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Sante DICOM Viewer Pro is vulnerable to...
Apache Airflow information disclosure | CVE-2023-42663
NAME__________Apache Airflow information disclosurePlatforms Affected:Apache Airflow 2.7.1Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Airflow could allow a remote authenticated attacker to obtain sensitive...
Samba security bypass | CVE-2023-3961
NAME__________Samba security bypassPlatforms Affected:Samba Samba 4.17.0 Samba Samba 4.18.0 Samba Samba 4.19Risk Level:6.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Samba could allow a remote attacker...
IBM App Connect Enterprise information disclosure | CVE-2023-40682
NAME__________IBM App Connect Enterprise information disclosurePlatforms Affected:IBM App Connect Enterprise 12.0.1.0 IBM App Connect Enterprise 12.0.8.0Risk Level:4.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM App...
Koha Library Software SQL injection | CVE-2023-44961
NAME__________Koha Library Software SQL injectionPlatforms Affected:Koha Koha Library Software 23.05.04Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Koha Library Software is vulnerable to SQL injection....
Apache Airflow information disclosure | CVE-2023-42780
NAME__________Apache Airflow information disclosurePlatforms Affected:Apache Airflow 2.7.1Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Airflow could allow a remote authenticated attacker to obtain sensitive...
Apache Airflow security bypass | CVE-2023-42792
NAME__________Apache Airflow security bypassPlatforms Affected:Apache Airflow 2.7.1Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apache Airflow could allow a remote authenticated attacker to bypass security...
LeadSquared Suite Plugin for WordPress cross-site request forgery | CVE-2023-45047
NAME__________LeadSquared Suite Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress LeadSquared Suite Plugin for WordPress 0.7.4Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________LeadSquared Suite Plugin...
Advantech WebAccess information disclosure | CVE-2023-4215
NAME__________Advantech WebAccess information disclosurePlatforms Affected:Advantech WebAccess 9.1.3Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Advantech WebAccess could allow a remote attacker to obtain sensitive information,...
BianLian Ransomware Victim: Air Canada
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
BianLian Ransomware Victim: Pelindo
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
BianLian Ransomware Victim: Instron & ITW Inc
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Hackers use Binance Smart Chain contracts to store malicious scripts
Cybercriminals are employing a novel code distribution technique dubbed 'EtherHiding,' which abuses Binance's Smart Chain (BSC) contracts to hide malicious...
CISA shares vulnerabilities, misconfigs used by ransomware gangs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled additional details regarding misconfigurations and security vulnerabilities exploited by ransomware...
Microsoft plans to kill off NTLM authentication in Windows 11
Microsoft announced earlier this week that the NTLM authentication protocol will be killed off in Windows 11 in the future. NTLM (short for...
23andMe hit with lawsuits after hacker leaks stolen genetics data
Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed...
The Week in Ransomware – October 13th 2023 – Increasing Attacks
Ransomware gangs continue to pummel the enterprise, with attacks causing disruption in business operations and resulting in data breaches if...
US Smashes Annual Data Breach Record With Three Months Left
There were 2116 reported US data breaches and leaks in the first nine months of 2023, making it the worst...
European Police Hackathon Hunts Down Traffickers
Law enforcers from 26 countries came together recently in a hackathon designed to enhance intelligence gathering on human trafficking gangs,...
Fifth of UK Cybersecurity Pros Work Excessive Hours
The UK’s cybersecurity professionals believe they have excellent career prospects and are employed in a “booming” sector, but many are...
