Security Incident Impacts CardioComm’s Operations
CardioComm Solutions, a Canadian medical provider of consumer heart monitoring and medical ECG software solutions, has disclosed a cybersecurity incident...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
CISA: Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078
Ivanti Releases Security Updates for Endpoint Manager Mobile (EPMM) CVE-2023-35078 A vulnerability discovered in Ivanti Endpoint Manager Mobile (EPMM, previously...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on July 25, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. An attacker...
CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse
CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse The Australian Signals Directorate’s Australian Cyber...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...
US-CERT Vulnerability Summary for the Week of July 17, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...
Posh C2 Detected – 3[.]70[.]143[.]123:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
LockBit 3.0 Ransomware Victim: scmh[.]org[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Beauty Salon Management System cross-site scripting | CVE-2023-3886
NAME__________Beauty Salon Management System cross-site scriptingPlatforms Affected:CampCodes Beauty Salon Management System 1.0Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Beauty Salon Management System is vulnerable...
Certifi unspecified | CVE-2023-37920
NAME__________Certifi unspecifiedPlatforms Affected:Certifi Certifi 2023.05.07Risk Level:7.5Exploitability:UnprovenConsequences:Unknown DESCRIPTION__________An unspecified error with the removal of e-Tugra root certificate in Certifi has an...
copyparty cross-site scripting | CVE-2023-38501
NAME__________copyparty cross-site scriptingPlatforms Affected:copyparty copyparty 1.8.6Risk Level:6.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________copyparty is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
DataEase cross-site scripting | CVE-2023-37257
NAME__________DataEase cross-site scriptingPlatforms Affected:DataEase DataEase 1.18.6 DataEase DataEase 1.18.7 DataEase DataEase 1.18.8Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________DataEase is vulnerable to cross-site scripting,...
Apptainer security bypass | CVE-2023-38496
NAME__________Apptainer security bypassPlatforms Affected:Apptainer Apptainer 1.2.0-rc.2 Apptainer Apptainer 1.2.0Risk Level:6.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apptainer could allow a remote attacker to bypass security...
Gallagher Command Centre Server security bypass | CVE-2023-22428
NAME__________Gallagher Command Centre Server security bypassPlatforms Affected:Gallagher Command Centre Server 8.50 Gallagher Command Centre Server 8.40 Gallagher Command Centre Server...
AMD Ryzen, Gen AMD EPYC Processors information disclosure | CVE-2023-20593
NAME__________AMD Ryzen, Gen AMD EPYC Processors information disclosurePlatforms Affected:AMD 2nd Generation EPYC AMD Ryzen 3000 series Desktop processors AMD Ryzen...
Gallagher Command Centre Server security bypass | CVE-2023-23568
NAME__________Gallagher Command Centre Server security bypassPlatforms Affected:Gallagher Command Centre Server 8.50 Gallagher Command Centre Server 8.40 Gallagher Command Centre Server...
Nokia NetAct cross-site scripting | CVE-2022-28867
NAME__________Nokia NetAct cross-site scriptingPlatforms Affected:Nokia NetAct 22.0.0.62Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Nokia NetAct is vulnerable to cross-site scripting, caused by improper validation...
