Company Name: b'Internet Bug Bounty' Company HackerOne URL: https://hackerone.com/ibb Submitted By:b'leixiao'Link to Submitters Profile:https://hackerone.com/b'leixiao' Report Title:b'CVE-2023-40273: Session fixation in Apache...
A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim...
Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to...
There's been a great deal of AI hype recently, but that doesn't mean the robots are here to replace us....
X, the social media site formerly known as Twitter, has updated its privacy policy to collect users' biometric data to...
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve...
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
NAME__________Cloudflare WARP Mobile Client security bypassPlatforms Affected:Cloudflare WARP mobile client (Android) 6.28Risk Level:3.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Cloudflare WARP Mobile Client could allow...
NAME__________Acronis Agent information disclosurePlatforms Affected:Risk Level:4.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Acronis Agent could allow a local authenticated attacker to obtain sensitive information, caused...
NAME__________All Users Messenger Plugin for WordPress security bypassPlatforms Affected:WordPress All Users Messenger Plugin for WordPress 1.24Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________All Users...
NAME__________Cloudflare WARP Mobile Client spoofingPlatforms Affected:Cloudflare WARP mobile client (Android) 6.28Risk Level:3.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Cloudflare WARP Mobile Client could allow a...
NAME__________PostX - Gutenberg Post Grid Blocks Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress PostX - Gutenberg Post Grid Blocks Plugin for...
NAME__________Acronis Cyber Protect Home Office privilege escalationPlatforms Affected:Acronis Cyber Protect Home Office (Windows)Risk Level:7.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Acronis Cyber Protect Home Office...
NAME__________Acronis Cyber Protect Home Office privilege escalationPlatforms Affected:Acronis Cyber Protect Home Office (Windows)Risk Level:7.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Acronis Cyber Protect Home Office...
NAME__________Waiting: One-click countdowns Plugin for cross-site request forgery,Platforms Affected:WordPress One-click countdowns Plugin for WordPress 0.6.2Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Waiting: One-click countdowns...
NAME__________GDPR Cookie Compliance Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress GDPR Cookie Compliance Plugin for WordPress 4.12.4Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________GDPR...
NAME__________One-click countdowns Plugin for WordPress security bypassPlatforms Affected:WordPress One-click countdowns Plugin for WordPress 0.6.2Risk Level:6.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________One-click countdowns Plugin for...
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into...
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Supermarket chain Lidl has been recalling four types of PAW Patrol-themed snacks across the UK. Except, the reason for the...
The University of Sydney (USYD) announced that a breach at a third-party service provider exposed personal information of recently applied...
Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations...
