RedPacket Security - InfoSec News & Tutorials

Role Delegation module for Drupal privilege escalation |

March 25, 2022

NAME Role Delegation module for Drupal privilege escalation Platforms Affected:Parking Management System Parking Management SystemRisk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Role Delegation...

Netatalk buffer overflow | CVE-2022-23125

March 25, 2022

NAME Netatalk buffer overflow Platforms Affected:Netatalk Netatalk 3.1.12Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Netatalk is vulnerable to a stack-based buffer overflow, caused...

Sourcecodester Event Management System file upload |

March 25, 2022

NAME Sourcecodester Event Management System file upload Platforms Affected:Sourcecodester Event Management System 1.0Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Sourcecodester Event...

Multiple NXP products buffer overflow | CVE-2022-22819

March 25, 2022

NAME Multiple NXP products buffer overflow Platforms Affected:NXP LPC55S66JBD64 NXP LPC55S66JBD100 NXP LPC55S66JEV98 NXP LPC55S69JBD64 NXP LPC55S69JBD100 NXP LPC55S69JEV98Risk Level:9.8Exploitability:UnprovenConsequences:Gain...

mySCADA myPRO command execution | CVE-2022-0999

March 25, 2022

NAME mySCADA myPRO command execution Platforms Affected:mySCADA myPRO 7.0.26 mySCADA myPRO 8.19.0 mySCADA myPRO 8.18.0 mySCADA myPRO 8.17.0 mySCADA myPRO...

Netatalk code execution | CVE-2022-23121

March 25, 2022

NAME Netatalk code execution Platforms Affected:Netatalk Netatalk 3.1.12Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Netatalk could allow a remote attacker to execute arbitrary...

VMware Carbon Black App Control file upload | CVE-2022-22952

March 25, 2022

NAME VMware Carbon Black App Control file upload Platforms Affected:VMware Carbon Black App Control 8.8 VMware Carbon Black App Control...

Delta Electronics DIAEnergie SQL injection | CVE-2022-26013

March 25, 2022

NAME Delta Electronics DIAEnergie SQL injection Platforms Affected:Delta Electronics DIAEnergie 1.7.5Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Delta Electronics DIAEnergie is vulnerable to...

Sound Exchange libsox buffer overflow | CVE-2021-40426

March 25, 2022

NAME Sound Exchange libsox buffer overflow Platforms Affected:Sound Exchange libsox 14.4.2 Sound Exchange libsox master commit 42b3557eRisk Level:10Exploitability:Proof of ConceptConsequences:Gain...

Kingsoft WPS Office code execution | CVE-2022-24934

March 25, 2022

NAME Kingsoft WPS Office code execution Platforms Affected:Kingsoft WPS Office 11.2.0.10382Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Kingsoft WPS Office could allow a...

Sourcecodester Microfinance Management System SQL injection |

March 25, 2022

NAME Sourcecodester Microfinance Management System SQL injection Platforms Affected:Sourcecodester Microfinance Management System 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Sourcecodester Microfinance Management System...

Delta Electronics DIAEnergie SQL injection | CVE-2022-25880

March 25, 2022

Delta Electronics DIAEnergie directory traversal | CVE-2022-25347

March 25, 2022

NAME Delta Electronics DIAEnergie directory traversal Platforms Affected:Delta Electronics DIAEnergie 1.7.5Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Delta Electronics DIAEnergie could allow a...

Delta Electronics DIAEnergie SQL injection | CVE-2022-26667

March 25, 2022

Delta Electronics DIAEnergie SQL injection | CVE-2022-27175

March 25, 2022

VMware Carbon Black App Control command execution | CVE-2022-22951

March 25, 2022

NAME VMware Carbon Black App Control command execution Platforms Affected:VMware Carbon Black App Control 8.8 VMware Carbon Black App Control...

Delta Electronics DIAEnergie SQL injection | CVE-2022-26349

March 25, 2022

Delta Electronics DIAEnergie SQL injection | CVE-2022-26514

March 25, 2022

Delta Electronics DIAEnergie SQL injection | CVE-2022-26065

March 25, 2022

Delta Electronics DIAEnergie SQL injection | CVE-2022-26069

March 25, 2022

Delta Electronics DIAEnergie SQL injection | CVE-2022-0923

March 25, 2022

US indicted 4 Russian government employees for attacks on critical infrastructure

March 25, 2022

The U.S. has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. The U.S....

sl-abstract-phishing-equipment-kit-hook-float-990x400-1

Phishing-kit market: what’s inside “off-the-shelf” phishing packages

March 25, 2022

What are phishing kits? One of the most common tricks scammers use in phishing attacks is to create a fake...

Anti-war open-source software developer targets Russians and Belarussians with “protestware”

March 25, 2022

Russia is in the midst of its fourth week of attack against Ukraine. People worldwide have been increasingly and passionately...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed