CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Mozilla Releases Security Advisories for Thunderbird and Firefox
Mozilla Releases Security Advisories for Thunderbird and Firefox Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on September 28, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Mozilla Releases Security Updates for Multiple Products
Mozilla Releases Security Updates for Multiple Products Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR,...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. A cyber...
US-CERT Vulnerability Summary for the Week of September 25, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoaccusoft -- imagegearAn out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of...
Nodesub – Command-Line Tool For Finding Subdomains In Bug Bounty Programs
Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides...
LockBit 3.0 Ransomware Victim: aicsacorp[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HashiCorp Vault and Vault Enterprise security bypass | CVE-2023-5077
NAME__________HashiCorp Vault and Vault Enterprise security bypassPlatforms Affected:HashiCorp Vault 1.12.0 HashiCorp Vault Enterprise 1.12.0Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________HashiCorp Vault and Vault...
Online Movie Ticket Booking System cross-site scripting | CVE-2023-44174
NAME__________Online Movie Ticket Booking System cross-site scriptingPlatforms Affected:Projectworlds Online Movie Ticket Booking System 1.0Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Online Movie Ticket Booking...
Dell Data Protection Central information disclosure | CVE-2023-4129
NAME__________Dell Data Protection Central information disclosurePlatforms Affected:Dell Data Protection Central 19.9Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell Data Protection Central could allow a...
Dell EMC AppSync privilege escalation | CVE-2023-32458
NAME__________Dell EMC AppSync privilege escalationPlatforms Affected:Dell EMC AppSync 4.4.0.0 Dell EMC AppSync 4.6.0.0Risk Level:7.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Dell EMC AppSync could allow...
Online Movie Ticket Booking System cross-site scripting | CVE-2023-44173
NAME__________Online Movie Ticket Booking System cross-site scriptingPlatforms Affected:Projectworlds Online Movie Ticket Booking System 1.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Online Movie Ticket Booking...
PostCSS security bypass | CVE-2023-44270
NAME__________PostCSS security bypassPlatforms Affected:PostCSS PostCSS 8.4.30Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________PostCSS could allow a remote attacker to bypass security restrictions, caused by...
Online Banquet Booking System cross-site scripting | CVE-2023-5303
NAME__________Online Banquet Booking System cross-site scriptingPlatforms Affected:PHPGurukul Online Banquet Booking System 1.0Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Online Banquet Booking System is vulnerable...
phpMyFAQ cross-site scripting | CVE-2023-5316
NAME__________phpMyFAQ cross-site scriptingPlatforms Affected:phpMyFAQ phpMyFAQ 2.9.0 phpMyFAQ phpMyFAQ 2.9.6 phpMyFAQ phpMyFAQ 2.9.8 phpMyFAQ phpMyFAQ 2.9.9 phpMyFAQ phpMyFAQ 2.9.10 phpMyFAQ phpMyFAQ...
PDF-XChange Editor code execution | CVE-2023-42108
NAME__________PDF-XChange Editor code executionPlatforms Affected:Tracker Software PDF-XChange EditorRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to execute arbitrary...
Ajax Poll Script security bypass | CVE-2023-5313
NAME__________Ajax Poll Script security bypassPlatforms Affected:PHPKOBO Ajax Poll Script 3.18Risk Level:5.3Exploitability:Proof of ConceptConsequences:Bypass Security DESCRIPTION__________Ajax Poll Script could allow a...
E107 cross-site scripting | CVE-2023-43874
NAME__________E107 cross-site scriptingPlatforms Affected:e107 e107 2.3.2Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________E107 is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Online Banquet Booking System cross-site scripting | CVE-2023-5304
NAME__________Online Banquet Booking System cross-site scriptingPlatforms Affected:PHPGurukul Online Banquet Booking System 1.0Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Online Banquet Booking System is vulnerable...
Linux Kernel information disclosure | CVE-2023-39192
NAME__________Linux Kernel information disclosurePlatforms Affected:Linux KernelRisk Level:6.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Linux Kernel could allow a local authenticated attacker to obtain sensitive information,...
PDF-XChange Editor code execution | CVE-2023-42111
NAME__________PDF-XChange Editor code executionPlatforms Affected:Tracker Software PDF-XChange EditorRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to execute arbitrary...
