NAME__________Zephyr buffer overflowPlatforms Affected:Zephyr Project Zephyr 3.4.0Risk Level:7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zephyr is vulnerable to a buffer overflow, caused by unsigned conversion...
NAME__________JumpServer information disclosurePlatforms Affected:JumpServer JumpServer 2.28.19 JumpServer JumpServer 3.7.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________JumpServer could allow a remote attacker to obtain sensitive...
NAME__________PrestaShop security bypassPlatforms Affected:PrestaShop PrestaShop 8.1.1Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________PrestaShop could allow a remote authenticated attacker to bypass security restrictions, caused...
NAME__________Everest News Pro Theme for WordPress cross-site scriptingPlatforms Affected:WordPress Everest News Pro Theme Plugin for WordPress 1.1.7Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Everest...
NAME__________Samsung Mobile Processor Exynos 2200 denial of servicePlatforms Affected:Samsung Mobile Processor Exynos 2200Risk Level:5.1Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Samsung Mobile Processor Exynos...
NAME__________Prestashop security bypassPlatforms Affected:PrestaShop PrestaShop 8.1.1Risk Level:6.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________PrestaShop could allow a remote authenticated attacker to bypass security restrictions. By...
NAME__________Fortect privilege escalationPlatforms Affected:Fortect FortectRisk Level:6.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Fortect could allow a remote authenticated attacker to gain elevated privileges on the...
NAME__________Dell Common Event Enabler privilege escalationPlatforms Affected:Dell Common Event Enabler 8.9.8.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Dell Common Event Enabler could allow a...
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-21554Microsoft Message Queuing Remote Code Execution VulnerabilityCVE-2023-43261 No description provided CVE-2023-36845A PHP...
The LostTrust ransomware operation is believed to be a rebrand of MetaEncryptor, utilizing almost identical data leak sites and encryptors....
A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been...
10/1/23 update adds Amazon statement below. Amazon mistakenly sent out purchase confirmation emails for Hotels.com, Google Play, and Mastercard gift...
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- cyber_protect_home_officeSensitive information disclosure due to insecure folder permissions. The following...
OSDP attack tool (and the Elvish word for friend) Attack #1: Encryption is Optional OSDP supports, but doesn't strictly require,...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
NAME__________Discourse Encrypt cross-site scriptingPlatforms Affected:Discourse EncryptRisk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Discourse Encrypt is vulnerable to cross-site scripting, caused by improper validation of...
NAME__________OpenFGA denial of servicePlatforms Affected:OpenFGA OpenFGA 1.3.1Risk Level:5.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenFGA is vulnerable to a denial of service, caused by...
NAME__________Chai.js Assertion Library get-func-name denial of servicePlatforms Affected:Chai.js Assertion Library get-func-name 2.0.0Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Chai.js Assertion Library...
