RedPacket Security - InfoSec News & Tutorials

Razer Synapse privilege escalation | CVE-2022-47631

September 19, 2023

NAME__________Razer Synapse privilege escalationPlatforms Affected:Razer Synapse 3.8.0228.022313Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Razer Synapse could allow a local authenticated attacker to gain elevated...

Strapi information disclosure | CVE-2023-37263

September 19, 2023

NAME__________Strapi information disclosurePlatforms Affected:Strapi Strapi 4.12.0Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Strapi could allow a remote authenticated attacker to obtain sensitive information, caused...

China Unicom TEWA-800G information disclosure | CVE-2023-5028

September 19, 2023

NAME__________China Unicom TEWA-800G information disclosurePlatforms Affected:China Unicom TEWA-800G 4.16L.04_CT2015_YuemeRisk Level:2.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________China Unicom TEWA-800G could allow a physically proximate attacker...

NLnet Labs bcder library denial of service | CVE-2023-39914

September 19, 2023

NAME__________NLnet Labs bcder library denial of servicePlatforms Affected:NLnet Labs bcder library 0.7.2Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NLnet Labs bcder library is...

NLnet Labs Routinator denial of service | CVE-2023-39915

September 19, 2023

NAME__________NLnet Labs Routinator denial of servicePlatforms Affected:NLnet Labs Routinator 0.12.1Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NLnet Labs Routinator is vulnerable to a...

Dell PowerEdge BIOS and Dell Precision BIOS privilege escalation | CVE-2023-32461

September 19, 2023

NAME__________Dell PowerEdge BIOS and Dell Precision BIOS privilege escalationPlatforms Affected:Dell BIOSRisk Level:5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Dell PowerEdge BIOS and Dell Precision BIOS...

WooCommerce CVR Payment Gateway Plugin for WordPress security bypass | CVE-2023-4948

September 19, 2023

NAME__________WooCommerce CVR Payment Gateway Plugin for WordPress security bypassPlatforms Affected:WordPress WooCommerce CVR Payment Gateway Plugin for WordPress 6.1.0Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security...

Webmin cross-site scripting | CVE-2023-40984

September 19, 2023

NAME__________Webmin cross-site scriptingPlatforms Affected:Webmin Webmin 2.100Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Webmin is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Lenosp SQL Injection | CVE-2023-42178

September 19, 2023

NAME__________Lenosp SQL InjectionPlatforms Affected:lenosp lenosp 1.0-1.2.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Lenosp is vulnerable to SQL injection. A remote attacker could send specially...

Strapi brute force | CVE-2023-38507

September 19, 2023

NAME__________Strapi brute forcePlatforms Affected:Strapi Strapi 4.12.0Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Strapi is vulnerable to a brute force attack, caused by improper rate...

Engineering & Lifecycle Management SQL injection | CVE-2023-40957

September 19, 2023

NAME__________Engineering & Lifecycle Management SQL injectionPlatforms Affected:Odoo Apps Engineering & Lifecycle Management 16.0Risk Level:6.5Exploitability:HighConsequences:Gain Access DESCRIPTION__________Engineering & Lifecycle Management is...

strapi information disclosure | CVE-2023-36472

September 19, 2023

NAME__________strapi information disclosurePlatforms Affected:Strapi Strapi 4.11.6Risk Level:5.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________strapi could allow a remote authenticated attacker to obtain sensitive information, caused...

Fortinet FortiAP-W2, FortiAP-C, FortiAP, and FortiAP-U information disclosure | CVE-2023-25608

September 19, 2023

NAME__________Fortinet FortiAP-W2, FortiAP-C, FortiAP, and FortiAP-U information disclosurePlatforms Affected:Fortinet FortiAP-C 5.4.0 Fortinet FortiAP-U 6.2.0 Fortinet FortiAP 7.2.0 Fortinet FortiAP-W2 7.2.0...

Webmin cross-site scripting | CVE-2023-40986

September 19, 2023

Siemens SIMATIC PCS neo (Administration Console) information disclosure | CVE-2023-38558

September 19, 2023

NAME__________Siemens SIMATIC PCS neo (Administration Console) information disclosurePlatforms Affected:Siemens SIMATIC PCS neo (Administration Console) 4.0 Siemens SIMATIC PCS neo (Administration...

Lenosp file upload | CVE-2023-42180

September 19, 2023

NAME__________Lenosp file uploadPlatforms Affected:lenosp lenosp 1.0-1.2.0Risk Level:5.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Lenosp could allow a remote attacker to upload arbitrary files, caused by...

WS Facebook Like Box Widget plugin for WordPress cross-site scripting | CVE-2023-4963

September 19, 2023

NAME__________WS Facebook Like Box Widget plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WS Facebook Like Box Widget plugin for WordPress 5.0...

Webmin cross-site scripting | CVE-2023-40985

September 19, 2023

Engineering & Lifecycle Management SQL injection | CVE-2023-40955

September 19, 2023

NAME__________Engineering & Lifecycle Management SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Gain Access DESCRIPTION__________Engineering & Lifecycle Management is vulnerable to SQL injection. A remote...

Microsoft Edge (Chromium-based) spoofing | CVE-2023-36727

September 19, 2023

NAME__________Microsoft Edge (Chromium-based) spoofingPlatforms Affected:Microsoft Edge (Chromium-based) 117.0Risk Level:6.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to conduct...

OPSWAT MetaDefender KIOSK privilege escalation | CVE-2023-36659

September 19, 2023

NAME__________OPSWAT MetaDefender KIOSK privilege escalationPlatforms Affected:OPSWAT MetaDefender KIOSK 4.6.1.9996Risk Level:6.2Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________OPSWAT MetaDefender KIOSK could allow a physically proximate attacker...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed