HackerOne Bug Bounty Disclosure: [hta2]-xxe-on-https://-via-spellcheck-endpoint-bycdl
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by cdl cdl Report XXE on https:// via SpellCheck...
HackerOne Bug Bounty Disclosure: sensitive-data-exposure-via-wp-config-php-fileby0r10nh4ck
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0r10nh4ck 0r10nh4ck Report Sensitive Data Exposure via wp-config.php...
HackerOne Bug Bounty Disclosure: ldap-server-null-bind-connection-information-disclosureby0xmaruf
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by 0xmaruf 0xmaruf Report LDAP Server NULL Bind Connection...
HackerOne Bug Bounty Disclosure: [hta3]-remote-code-execution-onbycdl
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by cdl cdl Report Remote Code Execution on Full...
HackerOne Bug Bounty Disclosure: csrf-to-delete-accounts-[htus]bynightm4re
Programme HackerOne U.S. Dept Of Defense U.S. Dept Of Defense Submitted by nightm4re nightm4re Report CSRF to delete accounts Full...
Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks
Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose...
New Ransomware Gang RA Group Hits U.S. and South Korean Organizations
A new ransomware group known as RA Group has become the latest threat actor to leverage the leaked Babuk ransomware...
Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign
Government, aviation, education, and telecom sectors located in South and Southeast Asia have come under the radar of a new...
New ‘MichaelKors’ Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems
A new ransomware-as-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems...
Why High Tech Companies Struggle with SaaS Security
It's easy to think high-tech companies have a security advantage over other older, more mature industries. Most are unburdened by...
LockBit 3.0 Ransomware Victim: troteclaser[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: tool-temp[.]net
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: mundo-r[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: pikenursery[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: euskaltel[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Webroot SecureAnywhere Endpoint Protection CE security bypass | CVE-2023-29818
NAME__________Webroot SecureAnywhere Endpoint Protection CE security bypassPlatforms Affected:Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39Risk Level:4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Webroot SecureAnywhere Endpoint Protection...
Webroot SecureAnywhere Endpoint Protection CE information disclosure | CVE-2023-29820
NAME__________Webroot SecureAnywhere Endpoint Protection CE information disclosurePlatforms Affected:Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39Risk Level:4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Webroot SecureAnywhere Endpoint Protection...
Webroot SecureAnywhere Endpoint Protection CE security bypass | CVE-2023-29819
NAME__________Webroot SecureAnywhere Endpoint Protection CE security bypassPlatforms Affected:Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39Risk Level:4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Webroot SecureAnywhere Endpoint Protection...
GL.iNet devices information disclosure | CVE-2023-31473
NAME__________GL.iNet devices information disclosurePlatforms Affected:GL.iNet GL.iNet devices 3.215Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________GL.iNet devices could allow a remote attacker to obtain sensitive...
OpenStack Cinder, Glance_store, Nova and Os-brick information disclosure | CVE-2023-2088
NAME__________OpenStack Cinder, Glance_store, Nova and Os-brick information disclosurePlatforms Affected:OpenStack Nova 26.0.0 OpenStack Nova 27.0.0 OpenStack Cinder 21.0.0 OpenStack Cinder 22.0.0...
WordPress Project Management Plugin for WordPress cross-site scripting | CVE-2023-23810
NAME__________WordPress Project Management Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WordPress Project Management Plugin for WordPress 1.5Risk Level:5.9Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________WordPress Project...
Vyper denial of service | CVE-2023-32058
NAME__________Vyper denial of servicePlatforms Affected:Vyper Vyper 0.3.7Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Vyper is vulnerable to a denial of service, caused by...
Vyper security bypass | CVE-2023-32059
NAME__________Vyper security bypassPlatforms Affected:Vyper Vyper 0.3.7Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Vyper could allow a remote attacker to bypass security restrictions, caused by...
Vyperlang Vyper denial of service | CVE-2023-31146
NAME__________Vyperlang Vyper denial of servicePlatforms Affected:Vyper Vyper 0.3.7Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Vyperlang Vyper is vulnerable to a denial of service,...
