CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on July 20, 2023. This...
CISA: CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519
CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519 The Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity...
US-CERT Vulnerability Summary for the Week of July 10, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoelra -- parkmatikImproper Neutralization of Special Elements used in an SQL Command...
Play Ransomware Victim: Samson Electric
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Samson Electric
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
SolarWinds Database Performance Analyzer cross-site scripting | CVE-2023-33231
NAME__________SolarWinds Database Performance Analyzer cross-site scriptingPlatforms Affected:SolarWinds Database Performance Analyzer 2023.2Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________SolarWinds Database Performance Analyzer is vulnerable to...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22036
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22044
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22049
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22041
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22006
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
PaulPrinting CMS cross-site scripting |
NAME__________PaulPrinting CMS cross-site scriptingPlatforms Affected:CodeCanyon PaulPrinting CMSRisk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PaulPrinting CMS is vulnerable to multiple cross-site scripting, caused by improper...
Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecified | CVE-2023-22045
NAME__________Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK unspecifiedPlatforms Affected:Oracle GraalVM for JDK 17.0.7 Oracle GraalVM for...
IBM Cognos Analytics cross-site scripting | CVE-2023-28530
NAME__________IBM Cognos Analytics cross-site scriptingPlatforms Affected:IBM Cognos Analytics 11.1 IBM Cognos Analytics 11.2Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________IBM Cognos Analytics 11.1 and...
PaulPrinting CMS /account/delivery cross-site scripting |
NAME__________PaulPrinting CMS /account/delivery cross-site scriptingPlatforms Affected:CodePaul PaulPrinting CMSRisk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PaulPrinting CMS is vulnerable to cross-site scripting, caused by improper...
Mozilla Thunderbird spoofing | CVE-2023-3417
NAME__________Mozilla Thunderbird spoofingPlatforms Affected:Mozilla Thunderbird 115.0Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mozilla Thunderbird could allow a remote attacker to conduct spoofing attacks. By...
IBM Cognos Analytics cross-site scripting | CVE-2023-25929
NAME__________IBM Cognos Analytics cross-site scriptingPlatforms Affected:IBM Cognos Analytics 11.1 IBM Cognos Analytics 11.2Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________IBM Cognos Analytics 11.1 and...
GMOD GBrowse file upload | CVE-2023-32637
NAME__________GMOD GBrowse file uploadPlatforms Affected:GMOD GBrowse 1.70 GMOD GBrowse 2.55Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________GMOD GBrowse could allow a remote attacker to...
Micro Focus products information disclosure | CVE-2023-32265
NAME__________Micro Focus products information disclosurePlatforms Affected:Micro Focus Enterprise Server 6.0 Micro Focus Enterprise Test Server 6.0 Micro Focus Enterprise Developer...
Daily Vulnerability Trends: Sat Jul 22 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-20323A POST based reflected Cross Site Scripting vulnerability on has been identified...
Clop gang to earn over $75 million from MOVEit extortion attacks
The Clop ransomware gang is expected to earn between $75-100 million from extorting victims of their massive MOVEit data theft...
