CACTUS Ransomware Victim: www[.]hurleygroup[.]net
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Weekly Cyber Security Tip: Understanding Security Assessment and Testing
This week's cybersecurity tip revolves around the crucial topic of security assessment and testing. This is a fundamental aspect of...
Bounty offered for secret NSA seeds behind NIST elliptic curves algo
A bounty of $12,288 has been announced for the first person to crack the NIST elliptic curves seeds and discover...
US-CERT Vulnerability Summary for the Week of September 25, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoaccusoft -- imagegearAn out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of...
S4UTomato – Escalate Service Account To LocalSystem Via Kerberos
Escalate Service Account To LocalSystem via Kerberos. Traditional Potatoes Friends familiar with the "Potato" series of privilege escalation should know...
HackerOne Bug Bounty Disclosure: b-previously-created-sessions-continue-being-valid-after-fa-activation-b-tanvir-x
Company Name: b'WordPress' Company HackerOne URL: https://hackerone.com/wordpress Submitted By:b'tanvir0x'Link to Submitters Profile:https://hackerone.com/b'tanvir0x' Report Title:b'Previously created sessions continue being valid after...
Akira Ransomware Victim: Healix
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: sogebank[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: suncoast-chc[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Milesight routers information disclosure | CVE-2023-43261
NAME__________Milesight routers information disclosurePlatforms Affected:Milesight UR32L 32.3.0.5 Milesight UR5X 35.3.0.6 Milesight UR32 35.3.0.6 Milesight UR35 35.3.0.6 Milesight UR41 35.3.0.6Risk Level:7.5Exploitability:Proof...
Personal Management System file upload | CVE-2023-43838
NAME__________Personal Management System file uploadPlatforms Affected:Volmarg Personal Management System 1.4.64Risk Level:5.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Personal Management System could allow a remote attacker...
IBM Robotic Process Automation privilege escalation | CVE-2023-43058
NAME__________IBM Robotic Process Automation privilege escalationPlatforms Affected:IBM Robotic Process Automation 23.0.9Risk Level:5.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________IBM Robotic Process Automation 23.0.9 is vulnerable...
D-Link DIR-846 code execution | CVE-2023-43284
NAME__________D-Link DIR-846 code executionPlatforms Affected:D-Link DIR-846 100A53DBR-RetailRisk Level:6.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________D-Link DIR-846 could allow a remote authenticated attacker to...
Swifty Bar, sticky bar by WPGens plugin for WordPress cross-site scripting | CVE-2023-41737
NAME__________Swifty Bar, sticky bar by WPGens plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Swifty Bar sticky bar by WPGens Plugin for...
WideStand cross-site scripting | CVE-2023-4090
NAME__________WideStand cross-site scriptingPlatforms Affected:Acilia WideStand 5.3.5 Acilia WideStand 5.3.4Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________WideStand is vulnerable to cross-site scripting, caused by improper...
MuseScore buffer overflow | CVE-2023-44428
NAME__________MuseScore buffer overflowPlatforms Affected:MuseScore MuseScoreRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________MuseScore is vulnerable to a heap-based buffer overflow, caused by improper bounds checking...
Ministry of Health, Labour and Welfare FD Application XML external entity injection | CVE-2023-42132
NAME__________Ministry of Health, Labour and Welfare FD Application XML external entity injectionPlatforms Affected:Ministry of Health Labour and Welfare FD Application...
IBM Security Directory Suite information disclosure | CVE-2022-33160
NAME__________IBM Security Directory Suite information disclosurePlatforms Affected:IBM Security Directory Suite 8.0.1Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Security Directory Suite 8.0.1 uses weaker...
IBM Jazz Foundation information disclosure | CVE-2022-34355
NAME__________IBM Jazz Foundation information disclosurePlatforms Affected:IBM Engineering Lifecycle Management Base 7.0 IBM Engineering Lifecycle Management Base 7.0.1 IBM Engineering Lifecycle...
Milesight routers cross-site scripting | CVE-2023-43260
NAME__________Milesight routers cross-site scriptingPlatforms Affected:Milesight UR32L 32.3.0.5 Milesight UR5X 35.3.0.6 Milesight UR32 35.3.0.6 Milesight UR35 35.3.0.6 Milesight UR41 35.3.0.6Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site...
Dell EMC SmartFabric software packages command execution | CVE-2023-43069
NAME__________Dell EMC SmartFabric software packages command executionPlatforms Affected:Dell EMC SmartFabric Storage Software Debian package for ESXi or Linux KVM 1.4.0...
Pigcms file upload | CVE-2023-43269
NAME__________Pigcms file uploadPlatforms Affected:Pigcms Pigcms 7.0 Pigcms Pigcms 6.9Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Pigcms could allow a remote attacker to upload arbitrary...
Dell EMC SmartFabric software packages command execution | CVE-2023-43068
NAME__________Dell EMC SmartFabric software packages command executionPlatforms Affected:Dell EMC SmartFabric Storage Software Debian package for ESXi or Linux KVM 1.4.0...
Dell EMC SmartFabric software packages directory traversal | CVE-2023-43070
NAME__________Dell EMC SmartFabric software packages directory traversalPlatforms Affected:Dell EMC SmartFabric Storage Software Debian package for ESXi or Linux KVM 1.4.0...
