RedPacket Security - InfoSec News & Tutorials

CISA: Apple Releases Security Updates for Multiple Products

July 27, 2023

Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. An attacker...

CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments

July 27, 2023

CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...

CISA: CISA Releases Four Industrial Control Systems Advisories

July 27, 2023

CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on July 25, 2023. These...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

July 27, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...

BreachForums – 212,156 breached accounts

July 27, 2023

HIBP In November 2022, the well-known hacking forum "BreachForums" was itself, breached. Later the following year, the operator of the...

US-CERT Vulnerability Summary for the Week of July 17, 2023

July 26, 2023

High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...

HackerOne Bug Bounty Disclosure: b-csrf-in-seller-us-tiktok-com-profile-account-setting-delegation-login-b-eye

July 26, 2023

Company Name: b'TikTok' Company HackerOne URL: https://hackerone.com/tiktok Submitted By:b'eye_'Link to Submitters Profile:https://hackerone.com/b'eye_' Report Title:b'CSRF in seller-us.tiktok.com/profile/account-setting/delegation-login 'Report Link:https://hackerone.com/reports/2002352Date Submitted:26 July...

CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments

July 26, 2023

CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...

Akira Ransomware Victim: Becht Engineering

July 26, 2023

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

LockBit 3.0 Ransomware Victim: selmi[.]com[.]br

July 26, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

GNOME librsvg directory traversal | CVE-2023-38633

July 26, 2023

NAME__________GNOME librsvg directory traversalPlatforms Affected:GNOME librsvg 2.56.2Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________GNOME librsvg could allow a remote attacker to traverse directories on...

Weaver e-cology SQL injection | CVE-2023-3793

July 26, 2023

NAME__________Weaver e-cology SQL injectionPlatforms Affected:Weaver e-cology 10.57Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Weaver e-cology is vulnerable to SQL injection. A remote attacker could...

Indico cross-site scripting | CVE-2023-37901

July 26, 2023

NAME__________Indico cross-site scriptingPlatforms Affected:Indico Indico 3.2.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Indico is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

EyouCMS information disclosure | CVE-2023-37645

July 26, 2023

NAME__________EyouCMS information disclosurePlatforms Affected:EyouCMS EyouCMS 1.6.3Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________EyouCMS could allow a remote attacker to obtain sensitive information, caused by...

MobiSystems Office Suite cross-site scripting | CVE-2023-38617

July 26, 2023

NAME__________MobiSystems Office Suite cross-site scriptingPlatforms Affected:MobiSystems Office Suite Premium 10.9.1.42602Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________MobiSystems Office Suite is vulnerable to cross-site scripting,...

IceWarp Icearp cross-site scripting | CVE-2023-37728

July 26, 2023

NAME__________IceWarp Icearp cross-site scriptingPlatforms Affected:IceWarp Icearp 10.2.1Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________IceWarp Icearp is vulnerable to cross-site scripting, caused by improper validation...

Bug Finder ChainCity Real Estate Investment Platform SQL injection | CVE-2023-3795

July 26, 2023

NAME__________Bug Finder ChainCity Real Estate Investment Platform SQL injectionPlatforms Affected:Bug Finder ChainCity Real Estate Investment Platform 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Bug...

OpenDDS denial of service | CVE-2023-37915

July 26, 2023

NAME__________OpenDDS denial of servicePlatforms Affected:OpenDDS OpenDDS 3.23.1Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenDDS is vulnerable to a denial of service, caused by...

Dapr information disclosure | CVE-2023-37918

July 26, 2023

NAME__________Dapr information disclosurePlatforms Affected:Dapr Dapr 1.10.8 Dapr Dapr 1.11.1Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dapr could allow a remote authenticated attacker to obtain...

Bug Finder Wedding Wonders cross-site scripting | CVE-2023-3832

July 26, 2023

NAME__________Bug Finder Wedding Wonders cross-site scriptingPlatforms Affected:Bug Finder Wedding Wonders 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Bug Finder Wedding Wonders is vulnerable to...

Bug Finder ChainCity Real Estate Investment Platform SQL injection | CVE-2023-3794

July 26, 2023

1Panel-dev KubePi information disclosure | CVE-2023-37916

July 26, 2023

NAME__________1Panel-dev KubePi information disclosurePlatforms Affected:1Panel-dev KubePi 1.6.4Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________1Panel-dev KubePi could allow a remote authenticated attacker to obtain sensitive...

NxFilter cross-site scripting | CVE-2023-3840

July 26, 2023

NAME__________NxFilter cross-site scriptingPlatforms Affected:NxFilter NxFilter 4.3.2.5Risk Level:6.1Exploitability:HighConsequences:Gain Access DESCRIPTION__________NxFilter is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Bug Finder MineStack cross-site scripting | CVE-2023-3835

July 26, 2023

NAME__________Bug Finder MineStack cross-site scriptingPlatforms Affected:Bug Finder MineStack 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Bug Finder MineStack is vulnerable to cross-site scripting, caused...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed