RedPacket Security - InfoSec News & Tutorials

CVE Alert: CVE-2025-3642

April 26, 2025

Vulnerability Summary: CVE-2025-3642 A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS...

CVE Alert: CVE-2025-46618

April 26, 2025

Vulnerability Summary: CVE-2025-46618 In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab Affected Endpoints: No affected...

CVE Alert: CVE-2025-43016

April 26, 2025

Vulnerability Summary: CVE-2025-43016 In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session Affected...

CVE Alert: CVE-2025-46433

April 26, 2025

Vulnerability Summary: CVE-2025-46433 In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible Affected Endpoints: No affected...

CVE Alert: CVE-2025-46432

April 26, 2025

Vulnerability Summary: CVE-2025-46432 In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs Affected Endpoints: No affected...

CVE Alert: CVE-2025-43862

April 26, 2025

Vulnerability Summary: CVE-2025-43862 Dify is an open-source LLM app development platform. Prior to version 0.6.12, a normal user is able...

CVE Alert: CVE-2025-2070

April 26, 2025

Vulnerability Summary: CVE-2025-2070 An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads...

CVE Alert: CVE-2025-2068

April 26, 2025

Vulnerability Summary: CVE-2025-2068 An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a...

CVE Alert: CVE-2025-25775

April 26, 2025

Vulnerability Summary: CVE-2025-25775 Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder....

CVE Alert: CVE-2025-2069

April 26, 2025

Vulnerability Summary: CVE-2025-2069 A cross-site scripting vulnerability was reported in the FileZ client that could allow execution of code if...

CVE Alert: CVE-2025-3928

April 26, 2025

Vulnerability Summary: CVE-2025-3928 Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According...

CVE Alert: CVE-2025-32984

April 26, 2025

Vulnerability Summary: CVE-2025-32984 NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter. Affected Endpoints:...

CVE Alert: CVE-2025-3935

April 26, 2025

Vulnerability Summary: CVE-2025-3935 ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web...

CVE Alert: CVE-2024-30152

April 26, 2025

Vulnerability Summary: CVE-2024-30152 HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this...

CVE Alert: CVE-2025-28128

April 26, 2025

Vulnerability Summary: CVE-2025-28128 An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process...

CVE Alert: CVE-2025-32983

April 26, 2025

Vulnerability Summary: CVE-2025-32983 NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. Affected Endpoints: No affected...

ce9974c3b4ee5bd0afe5dbf513bacc234175f99c0f4f3bcdeac15483b944f15a

Qualcomm Says License Fight Was Because Arm Wants To Make Its Own Server Chips

April 26, 2025

Qualcomm has amended its complaint against Arm in a 2024 lawsuit, adding more allegations about Arm's purported breach of license...

[NITROGEN] – Ransomware Victim: Seneca Gaming & Entertainment

April 26, 2025

Ransomware Group: NITROGEN VICTIM NAME: Seneca Gaming & Entertainment NOTE: No files or stolen information are by RedPacket Security. Any...

CVE Alert: CVE-2025-46517

April 26, 2025

Vulnerability Summary: CVE-2025-46517 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdiscover Blog Manager WP allows...

CVE Alert: CVE-2025-46502

April 26, 2025

Vulnerability Summary: CVE-2025-46502 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bas Matthee LSD Custom taxonomy...

CVE Alert: CVE-2025-46513

April 26, 2025

Vulnerability Summary: CVE-2025-46513 Cross-Site Request Forgery (CSRF) vulnerability in Codebangers All in One Time Clock Lite allows Cross Site Request...

CVE Alert: CVE-2025-46516

April 26, 2025

Vulnerability Summary: CVE-2025-46516 Cross-Site Request Forgery (CSRF) vulnerability in silencecm Twitter Card Generator allows Stored XSS. This issue affects Twitter...

CVE Alert: CVE-2025-46514

April 26, 2025

Vulnerability Summary: CVE-2025-46514 Cross-Site Request Forgery (CSRF) vulnerability in milat Milat jQuery Automatic Popup allows Stored XSS. This issue affects...

CVE Alert: CVE-2025-46525

April 26, 2025

Vulnerability Summary: CVE-2025-46525 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in msmitley WP Cookie Consent allows...

Main Story

Fortifying the Supply Chain through Practical Security for Modern Organizations

Security Awareness Training that Works for Changing Employee Behavior

Editor’s Picks

Trending Story

Featured Story

You may have missed