CISA: Adobe Releases Security Updates for ColdFusion
Adobe Releases Security Updates for ColdFusion On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software....
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on November 21, 2023. These...
General Electric investigates claims of cyber attack, data theft
General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly...
Atomic Stealer malware strikes macOS via fake browser updates
The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware. The ClearFake...
US-CERT Vulnerability Summary for the Week of November 13, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocheckpoint -- endpoint_securityLocal attacker can escalate privileges on affected installations of Check...
OSINT-Framework – OSINT Framework
OSINT framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT...
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to...
LockBit 3.0 Ransomware Victim: preidlhof[.]it
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: nrtw[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ribolia[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
UserPro Plugin for WordPress information disclosure | CVE-2023-2446
NAME__________UserPro Plugin for WordPress information disclosurePlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________UserPro Plugin for WordPress could allow...
OpenHarmony information disclosure | CVE-2023-46100
NAME__________OpenHarmony information disclosurePlatforms Affected:Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenHarmony could allow a local attacker to obtain sensitive information, caused by the use...
UserPro Plugin for WordPress cross-site request forgery | CVE-2023-2438
NAME__________UserPro Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________UserPro Plugin for WordPress is...
UserPro Plugin for WordPress cross-site request forgery | CVE-2023-2447
NAME__________UserPro Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________UserPro Plugin for WordPress is...
UserPro Plugin for WordPress security bypass | CVE-2023-2448
NAME__________UserPro Plugin for WordPress security bypassPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________UserPro Plugin for WordPress could allow...
OpenHarmony denial of service | CVE-2023-47217
NAME__________OpenHarmony denial of servicePlatforms Affected:Risk Level:4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenHarmony is vulnerable to a denial of service, caused by a buffer...
Anywhere Flash Embed Plugin for WordPress cross-site scripting | CVE-2023-47811
NAME__________Anywhere Flash Embed Plugin for WordPress cross-site scriptingPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Anywhere Flash Embed Plugin for WordPress is vulnerable to...
Add Widgets to Page Plugin for WordPress cross-site scripting | CVE-2023-47808
NAME__________Add Widgets to Page Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Add Widgets to Page Plugin for WordPress 1.3.2Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting...
BP Profile Shortcodes Extra Plugin for WordPress cross-site scripting | CVE-2023-47815
NAME__________BP Profile Shortcodes Extra Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress BP Profile Shortcodes Extra Plugin for WordPress 2.5.2Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting...
Bamboo Columns Plugin for WordPress cross-site scripting | CVE-2023-47812
NAME__________Bamboo Columns Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Bamboo Columns Plugin for WordPress 1.6.1Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Bamboo Columns Plugin for...
BMI Calculator Plugin for WordPress cross-site scripting | CVE-2023-47814
NAME__________BMI Calculator Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress BMI Calculator Plugin for WordPress 1.0.3Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________BMI Calculator Plugin for...
Elastic Elasticsearch denial of service | CVE-2023-46673
NAME__________Elastic Elasticsearch denial of servicePlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Elastic Elasticsearch is vulnerable to a denial of service, caused by...
Accordion Plugin for WordPress cross-site scripting | CVE-2023-47809
NAME__________Accordion Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Accordion Plugin for WordPress 2.6Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Accordion Plugin for WordPress is vulnerable...
Ajax Domain Checker Plugin for WordPress cross-site scripting | CVE-2023-47810
NAME__________Ajax Domain Checker Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Ajax Domain Checker Plugin...
