femanager extension for TYPO3 security bypass | CVE-2023-25013
NAME__________femanager extension for TYPO3 security bypassPlatforms Affected:TYPO3 Femanager extension TYPO3 6.3.0 TYPO3 femanager extension for TYPO3 6.0.0 TYPO3 femanager extension...
Mura CMS security bypass | CVE-2022-47003
NAME__________Mura CMS security bypassPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mura CMS could allow a remote attacker to bypass security restrictions, caused by...
Dell PowerProtect Data Domain appliance command execution | CVE-2023-23692
NAME__________Dell PowerProtect Data Domain appliance command executionPlatforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Dell PowerProtect Data Domain appliance could allow a remote authenticated...
SelfWealth iOS application default account | CVE-2023-23132
NAME__________SelfWealth iOS application default accountPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________SelfWealth iOS application contains default hardcoded credentials. A remote attacker could exploit...
femanager extension for TYPO3 security bypass | CVE-2013-25014
NAME__________femanager extension for TYPO3 security bypassPlatforms Affected:TYPO3 Femanager extension TYPO3 6.3.0 TYPO3 femanager extension for TYPO3 6.0.0 TYPO3 femanager extension...
SelfWealth iOS application security bypass | CVE-2023-23131
NAME__________SelfWealth iOS application security bypassPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SelfWealth iOS application could allow a remote attacker to bypass security restrictions,...
Zoho ManageEngine Support Center Plus command execution | CVE-2023-23076
NAME__________Zoho ManageEngine Support Center Plus command executionPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zoho ManageEngine Support Center Plus could allow a remote attacker...
Masa CMS security bypass | CVE-2022-47002
NAME__________Masa CMS security bypassPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Masa CMS could allow a remote attacker to bypass security restrictions, caused by...
Dell EMC PowerScale OneFS information disclosure | CVE-2023-22574
NAME__________Dell EMC PowerScale OneFS information disclosurePlatforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell EMC PowerScale OneFS could allow a remote authenticated attacker to...
Experts Warn of ‘Ice Breaker’ Cyberattacks Targeting Gaming and Gambling Industry
A new attack campaign has been targeting the gaming and gambling sectors since at least September 2022, just as...
North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign
A new intelligence gathering campaign linked to the prolific North Korean state-sponsored Lazarus Group leveraged known security flaws in...
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
At least 1,200 Redis database servers worldwide have been corralled into a botnet using an "elusive and severe threat"...
Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility
Cybersecurity researchers have disclosed details of two security flaws in the open source ImageMagick software that could potentially lead...
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code...
Cybersecurity Budgets Are Going Up. So Why Aren’t Breaches Going Down?
Over the past few years, cybersecurity has become a major concern for businesses around the globe. With the total cost...
Atlassian’s Jira Software Found Vulnerable to Critical Authentication Vulnerability
Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data Center that...
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its Known Exploited...
New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities
The State Cyber Protection Centre (SCPC) of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon...
Daily Vulnerability Trends: Fri Feb 03 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-34462Windows AppX Deployment Extensions Elevation of Privilege VulnerabilityCVE-2023-24055** DISPUTED ** KeePass through...
BugCrowd Bug Bounty Disclosure: – Idor – Access To Private Resumes – By mar0uane
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Email Html Injection @https://gigs.indeed.com/ – By pphreak_1001
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Session is not invalidated on password change –> https://my.zapinfo.io – By h_-_cker
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
LockBit 3.0 Ransomware Victim: guardiananalytics[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
School District 42 – 18,850 breached accounts
HIBP In January 2023, Pitt Meadows School District 42 in British Columbia suffered a data breach. The incident exposed the...
