RedPacket Security - InfoSec News & Tutorials

VMware ESXi privilege escalation | CVE-2021-22043

February 17, 2022

NAME VMware ESXi privilege escalation Platforms Affected:VMware ESXi 6.5 VMware ESXi 6.7 VMware ESXi 7.0 VMware Cloud Foundation (ESXi) 3.0...

VMware ESXi unauthorized access | CVE-2021-22042

February 17, 2022

NAME VMware ESXi unauthorized access Platforms Affected:VMware ESXi 6.5 VMware ESXi 6.7 VMware ESXi 7.0 VMware Cloud Foundation (ESXi) 3.0...

TIBCO AuditSafe privilege escalation | CVE-2022-22770

February 17, 2022

NAME TIBCO AuditSafe privilege escalation Platforms Affected:TIBCO AuditSafe 1.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION TIBCO AuditSafe could allow a remote attacker to...

Kitodo.Presentation extension for TYPO3 server-side request forgery | CVE-2022-24980

February 17, 2022

NAME Kitodo.Presentation extension for TYPO3 server-side request forgery Platforms Affected:TYPO3 Kitodo.Presentation Extension for TYPO3 3.3.0 TYPO3 Kitodo.Presentation Extension for TYPO3...

Jenkins Pipeline: Multibranch Plugin command execution | CVE-2022-25175

February 17, 2022

NAME Jenkins Pipeline: Multibranch Plugin command execution Platforms Affected:Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Jenkins Pipeline: Multibranch Plugin...

Jenkins Custom Checkbox Parameter Plugin cross-site scripting | CVE-2022-25189

February 17, 2022

NAME Jenkins Custom Checkbox Parameter Plugin cross-site scripting Platforms Affected:Jenkins Custom Checkbox Parameter Plugin 1.1Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Custom...

Jenkins Pipeline: Groovy Plugin command execution | CVE-2022-25173

February 17, 2022

NAME Jenkins Pipeline: Groovy Plugin command execution Platforms Affected:Jenkins Pipeline: Groovy Plugin 2648.va9433432b33cRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Jenkins Pipeline: Groovy Plugin...

VMware ESXi, Workstation and Fusion code execution | CVE-2021-22040

February 17, 2022

NAME VMware ESXi, Workstation and Fusion code execution Platforms Affected:VMware ESXi 6.5 VMware ESXi 6.7 VMware ESXi 7.0 VMware Cloud...

x26-Cogs privilege escalation | CVE-2022-23604

February 17, 2022

NAME x26-Cogs privilege escalation Platforms Affected:x26-Cogs x26-Cogs 1.9.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION x26-Cogs could allow a remote authenticated attacker to gain...

Huawei PCManager privilege escalation | CVE-2021-40046

February 17, 2022

NAME Huawei PCManager privilege escalation Platforms Affected:Huawei PCManager 11.1.1.95Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Huawei PCManager could allow a remote attacker to...

Nation-state actors hacked Red Cross exploiting a Zoho bug

February 17, 2022

The International Committee of the Red Cross (ICRC) said attackers that breached its network last month exploited a Zoho bug....