NAME__________Office Hours module for Drupal cross-site scriptingPlatforms Affected:Drupal Office Hours module for Drupal 8.x-1.5Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Office Hours module for...
NAME__________Jenkins AWS CodeCommit Trigger Plugin information disclosurePlatforms Affected:Jenkins AWS CodeCommit Trigger Plugin 3.0.12Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins AWS CodeCommit Trigger Plugin...
NAME__________Jenkins Team Concert Plugin information disclosurePlatforms Affected:Jenkins Team Concert Plugin 2.4.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Team Concert could allow a remote...
NAME__________Contiki-NG buffer overflowPlatforms Affected:Contiki-NG Contiki-NG 4.8Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Contiki-NG is vulnerable to a stack-based buffer overflow, caused by improper bounds...
NAME__________SUBNET PowerSYSTEM Center cross-site scriptingPlatforms Affected:SUBNET PowerSYSTEM CenterRisk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SUBNET PowerSYSTEM Center is vulnerable to cross-site scripting, caused by...
NAME__________SUBNET PowerSYSTEM Center denial of servicePlatforms Affected:SUBNET PowerSYSTEM CenterRisk Level:6.1Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________SUBNET PowerSYSTEM Center is vulnerable to a denial...
NAME__________Parity Technologies ink! security bypassPlatforms Affected:Parity Technologies ink! 4.2.0Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Parity Technologies ink! could allow a remote attacker to...
NAME__________Jenkins Dimensions Plugin information disclosurePlatforms Affected:Jenkins Dimensions Plugin 0.9.3Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Dimensions Plugin could allow a remote authenticated attacker...
NAME__________Palo Alto Networks GlobalProtect App for Windows privilege escalationPlatforms Affected:Palo Alto Networks GlobalProtect app for Windows 5.2 Palo Alto Networks...
NAME__________X.Org libX11 denial of servicePlatforms Affected:X.Org libX11 1.8.5Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________X.Org libX11 is vulnerable to a denial of service,...
NAME__________Grav cross-site scriptingPlatforms Affected:Grav Grav 1.7.42Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Grav is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
NAME__________Jenkins Checkmarx Plugin man-in-the-middlePlatforms Affected:Jenkins Checkmarx Plugin 2022.4.3Risk Level:5.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Checkmarx Plugin is vulnerable to a man-in-the-middle attack, caused...
NAME__________Palo Alto Networks PAN-OS cross-site scriptingPlatforms Affected:Palo Alto Networks PAN-OS 8.1 Palo Alto Networks PAN-OS 9.1.0 Palo Alto Networks PAN-OS...
NAME__________Tang information disclosurePlatforms Affected:Tang Tang 13 Tang Tang 12 Tang Tang 11Risk Level:5.3Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________Tang could allow a...
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
The Russian state-sponsored hacking group Gamaredon (aka Armageddon or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence...
A suspected pro-China hacker group tracked by Mandiant as UNC4841 has been linked to data-theft attacks on Barracuda ESG (Email...
While traditional penetration testing (pen testing) has long been the go-to method for identifying security gaps in a organization’s network and...
The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks, first listing the company's names on...
Threat actors behind a recently surfaced ransomware operation known as Rhysida have leaked online what they claim to be documents...
Russian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for allegedly deploying LockBit...
A new Android malware campaign spreading the latest version of GravityRAT has been underway since August 2022, infecting mobile devices...
Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection (SQLi)...
Progress Software on Thursday disclosed a third vulnerability impacting its MOVEit Transfer application, as the Cl0p cybercrime gang deployed extortion...
