CISA: Cisco Releases Security Update for SD-WAN vManage API
Cisco Releases Security Update for SD-WAN vManage API Cisco has released a security update to address a critical vulnerability affecting...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Akira Ransomware Victim: 4LEAF, Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: eyedoc[.]com[.]na
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
SAP S/4HANA security bypass | CVE-2023-35870
NAME__________SAP S/4HANA security bypassPlatforms Affected:SAP S/4HANA 104 SAP S/4HANA 105 SAP S/4HANA 106 SAP S/4HANA 107Risk Level:6.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SAP S/4HANA...
WP Mail Log plugin for WordPress cross-site scripting | CVE-2023-3088
NAME__________WP Mail Log plugin for WordPress cross-site scriptingPlatforms Affected:WPVibes WP Mail Log plugin for WordPress 1.1.1Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WP Mail...
Google Android privilege escalation | CVE-2023-21256
NAME__________Google Android privilege escalationPlatforms Affected:Google AndroidRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Google Android could allow a local attacker to gain elevated privileges on...
Google Android privilege escalation | CVE-2023-21400
NAME__________Google Android privilege escalationPlatforms Affected:Google AndroidRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Google Android could allow a local authenticated attacker to gain elevated privileges...
Google Android denial of service | CVE-2023-21240
NAME__________Google Android denial of servicePlatforms Affected:Google AndroidRisk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Google Android is vulnerable to a denial of service, caused...
Wireshark denial of service | CVE-2023-3649
NAME__________Wireshark denial of servicePlatforms Affected:Wireshark Wireshark 4.0.6 Wireshark Wireshark 3.6.14Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Wireshark is vulnerable to a denial of...
Wireshark denial of service | CVE-2023-3648
NAME__________Wireshark denial of servicePlatforms Affected:Wireshark Wireshark 4.0.6 Wireshark Wireshark 3.6.14Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Wireshark is vulnerable to a denial of...
Google Android information disclosure | CVE-2023-21261
NAME__________Google Android information disclosurePlatforms Affected:Google AndroidRisk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Google Android could allow a remote attacker to obtain sensitive information, caused...
YaySMTP plugin for WordPress cross-site scripting | CVE-2023-3093
NAME__________YaySMTP plugin for WordPress cross-site scriptingPlatforms Affected:YayCommerce YaySMTP plugin for WordPress 2.4.5Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________YaySMTP plugin for WordPress is vulnerable...
WP Mail Catcher plugin for WordPress cross-site scripting | CVE-2023-3080
NAME__________WP Mail Catcher plugin for WordPress cross-site scriptingPlatforms Affected:James Ward WP Mail Catcher plugin for WordPress 2.1.2Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WP...
GZ Scripts Vacation Rental Website cross-site scripting | CVE-2023-3642
NAME__________GZ Scripts Vacation Rental Website cross-site scriptingPlatforms Affected:GZ Scripts Vacation Rental Website 1.8Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GZ Scripts Vacation Rental Website...
Sourcecodester Service Provider Management System SQL injection | CVE-2023-3644
NAME__________Sourcecodester Service Provider Management System SQL injectionPlatforms Affected:Sourcecodester Service Provider Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Service Provider Management System...
khodakhah NodCMS cross-site scripting | CVE-2023-3641
NAME__________khodakhah NodCMS cross-site scriptingPlatforms Affected:khodakhah NodCMS 3.4.1Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________khodakhah NodCMS is vulnerable to cross-site scripting, caused by improper validation...
Google Android denial of service | CVE-2023-21243
NAME__________Google Android denial of servicePlatforms Affected:Google AndroidRisk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Google Android is vulnerable to a denial of service, caused...
POST SMTP Mailer plugin for WordPress cross-site scripting | CVE-2023-3082
NAME__________POST SMTP Mailer plugin for WordPress cross-site scriptingPlatforms Affected:Post SMTP POST SMTP Mailer plugin for WordPress 2.5.7Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________POST...
Multiple BD Alaris system products cross-site scripting | CVE-2023-30564
NAME__________Multiple BD Alaris system products cross-site scriptingPlatforms Affected:BD Alaris Point-of-Care Unit (PCU) Model 8015 12.1.3 BD Alaris Guardrails Editor 12.1.2...
Kofax Power PDF code execution | CVE-2023-37337
NAME__________Kofax Power PDF code executionPlatforms Affected:Kofax Power PDF 4.1Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Kofax Power PDF could allow a remote attacker to...
Palo Alto Networks PAN-OS information disclosure | CVE-2023-38046
NAME__________Palo Alto Networks PAN-OS information disclosurePlatforms Affected:Palo Alto Networks PAN-OS 10.2 Palo Alto Networks PAN-OS 11.0Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Palo Alto...
WP Mail Logging plugin for WordPress cross-site scripting | CVE-2023-3081
NAME__________WP Mail Logging plugin for WordPress cross-site scriptingPlatforms Affected:WP Mail Logging Team WP Mail Logging Team WP Mail Logging plugin...
Multiple BD Alaris system products information disclosure | CVE-2023-30565
NAME__________Multiple BD Alaris system products information disclosurePlatforms Affected:BD Alaris Point-of-Care Unit (PCU) Model 8015 12.1.3 BD Alaris Guardrails Editor 12.1.2...
