Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks that are designed to deliver Cl0p...
RTM Locker’s First Linux Ransomware Strain Targeting NAS and ESXi Hosts
The threat actors behind RTM Locker have developed a ransomware strain that's capable of targeting Linux machines, marking the group's...
LimeRAT Malware Analysis: Extracting the Config
Remote Access Trojans (RATs) have taken the third leading position in ANY. RUN's Q1 2023 report on the most prevalent...
LockBit 3.0 Ransomware Victim: silbon[.]es
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: cdcbmestihl[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: multimedica[.]it
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: bg2i[.]fr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: fsdc[.]org[.]hk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Task Reminder System cross-site scripting | CVE-2023-2219
NAME__________Task Reminder System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Task Reminder System is vulnerable to cross-site scripting, caused by improper validation...
Nokia OneNDS privilege escalation | CVE-2022-31244
NAME__________Nokia OneNDS privilege escalationPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________Nokia OneNDS could allow a local authenticated attacker to gain elevated privileges on...
Sengled Dimmer Switch denial of service | CVE-2023-29779
NAME__________Sengled Dimmer Switch denial of servicePlatforms Affected:Sengled Dimmer Switch 0.0.9Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Sengled Dimmer Switch is vulnerable to a...
IBM Cloud Pak for Data file upload | CVE-2022-36769
NAME__________IBM Cloud Pak for Data file uploadPlatforms Affected:IBM Watson Knowledge Catalog on-prem 4.0 IBM Cloud Pak for Data 4.5 IBM...
Mattermost Server security bypass | CVE-2023-2193
NAME__________Mattermost Server security bypassPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mattermost Server could allow a remote authenticated attacker to bypass security restrictions, caused...
Task Reminder System SQL injection | CVE-2023-2218
NAME__________Task Reminder System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Task Reminder System is vulnerable to SQL injection. A remote authenticated attacker...
Task Reminder System SQL injection | CVE-2023-2217
NAME__________Task Reminder System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Task Reminder System is vulnerable to SQL injection. A remote authenticated attacker...
Clusternet privilege escalation | CVE-2023-30622
NAME__________Clusternet privilege escalationPlatforms Affected:Clusternet Clusternet 0.15.1Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Clusternet could allow a local authenticated attacker to gain elevated privileges on...
Node.js @fastify/passport module session hijacking | CVE-2023-29020
NAME__________Node.js @fastify/passport module session hijackingPlatforms Affected:Node.js @fastify/passport 1.0.1 Node.js @fastify/passport 2.0.0 Node.js @fastify/passport 2.2.0Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Node.js @fastify/passport module is...
Chitor CMS SQL injection |
NAME__________Chitor CMS SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Chitor CMS is vulnerable to SQL injection. A remote attacker could send specially...
Nokia OneNDS privilege escalation | CVE-2022-30759
NAME__________Nokia OneNDS privilege escalationPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________Nokia OneNDS could allow a local authenticated attacker to gain elevated privileges on...
Third Reality Smart Blind denial of service | CVE-2023-29780
NAME__________Third Reality Smart Blind denial of servicePlatforms Affected:Third Reality Smart Blind 3RSB015BZ 1.00.54Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Third Reality Smart Blind...
Fortinet FortiGate brute force |
NAME__________Fortinet FortiGate brute forcePlatforms Affected:Risk Level:7.4Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Fortinet FortiGate is vulnerable to a brute force attack, caused by...
Online Pizza Ordering System file upload | CVE-2023-2246
NAME__________Online Pizza Ordering System file uploadPlatforms Affected:Risk Level:6.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Online Pizza Ordering System could allow a remote authenticated...
Kiwi TCMS file upload | CVE-2023-30613
NAME__________Kiwi TCMS file uploadPlatforms Affected:Kiwi TCMS Kiwi TCMS 12.1Risk Level:7.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Kiwi TCMS could allow a remote authenticated attacker to...
Online Computer and Laptop Store SQL injection | CVE-2023-2242
NAME__________Online Computer and Laptop Store SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Computer and Laptop Store is vulnerable to SQL injection....
