US-CERT Vulnerability Summary for the Week of March 27, 2023
High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info grinnellplans -- grinnellplans A vulnerability...
Reportly – An AzureAD User Activity Report Tool
Reportly is an AzureAD user activity report tool. About the tool This is a tool that will help blue teams...
Daily Threat Intelligence – April 10 – 2023
Apple, as the maker of one of the most widely used devices, is also one of the most targeted brands....
HackerOne Bug Bounty Disclosure: full-passcode-bypass-on-nextcloud-app-iosbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Full Passcode bypass on Nextcloud App iOS Full Report A...
HackerOne Bug Bounty Disclosure: ability-to-control-the-filename-when-uploading-a-logo-or-favicon-on-themingbyctulhu
Programme HackerOne Nextcloud Nextcloud Submitted by ctulhu ctulhu Report Ability to control the filename when uploading a logo or favicon...
HackerOne Bug Bounty Disclosure: website-php-source-code-returned-in-javascriptbymdfarhanchowdhuryhasin
Programme HackerOne Nextcloud Nextcloud Submitted by mdfarhanchowdhuryhasin mdfarhanchowdhuryhasin Report Website PHP source code returned in javascript Full Report A...
HackerOne Bug Bounty Disclosure: session-mismatch-leading-to-potential-account-takeover-(local-access-required)byostracize
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by ostracize ostracize Report Session mismatch leading to potential...
Hackers Flood NPM with Bogus Packages Causing a DoS Attack
Threat actors are flooding the npm open source package repository with bogus packages that briefly even resulted in a denial-of-service...
Estonian National Charged in U.S. for Acquiring Electronics and Metasploit Pro for Russian Military
An Estonian national has been charged in the U.S. for purchasing U.S.-made electronics on behalf of the Russian government and...
Top 10 Cybersecurity Trends for 2023: From Zero Trust to Cyber Insurance
As technology advances, cyberattacks are becoming more sophisticated. With the increasing use of technology in our daily lives, cybercrime is...
Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada...
Protecting your business with Wazuh: The open source security platform
Today, businesses face a variety of security challenges like cyber attacks, compliance requirements, and endpoint security administration. The threat landscape...
LockBit 3.0 Ransomware Victim: aek[.]mk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20151
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
NetComm NF20MESH, NF20, and NL1902 routers security bypass | CVE-2022-4874
NAME__________NetComm NF20MESH, NF20, and NL1902 routers security bypassPlatforms Affected:NetComm NF20MESH NetComm NF20 NetComm NL1902Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NetComm NF20MESH, NF20, and...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20140
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20145
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20147
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20146
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20138
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20143
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20148
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20137
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20142
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
