CVE

VMware Tanzu Reactor Netty denial of service | CVE-2023-34054

November 30, 2023

NAME__________VMware Tanzu Reactor Netty denial of servicePlatforms Affected:Tanzu VMware Reactor Netty 1.0.0 Tanzu VMware Reactor Netty 1.0.38 Tanzu VMware Reactor...

Meta Incubator Katran information disclosure | CVE-2023-49062

November 30, 2023

NAME__________Meta Incubator Katran information disclosurePlatforms Affected:Meta Incubator KatranRisk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Meta Incubator Katran could allow a remote attacker to obtain...

VMware Tanzu Spring Framework denial of service | CVE-2023-34053

November 30, 2023

NAME__________VMware Tanzu Spring Framework denial of servicePlatforms Affected:VMware Tanzu Spring Framework 6.0.0 VMware Tanzu Spring Framework 6.0.13Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service...

VMware Tanzu Spring Boot denial of service | CVE-2023-34055

November 30, 2023

NAME__________VMware Tanzu Spring Boot denial of servicePlatforms Affected:VMware Tanzu Spring Boot 2.7.0 VMware Tanzu Spring Boot 3.0.0 Tanzu VMware Spring...

Mattermost Server security bypass | CVE-2023-47865

November 30, 2023

NAME__________Mattermost Server security bypassPlatforms Affected:Mattermost Mattermost Server 7.8.12 Mattermost Mattermost Server 8.1.3Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mattermost Server could allow a remote...

Raptor-Web cross-site scripting | CVE-2023-49078

November 30, 2023

NAME__________Raptor-Web cross-site scriptingPlatforms Affected:Raptor-Web Raptor-Web 0.4.4Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Raptor-Web is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

QOS.ch Sarl Logback denial of service | CVE-2023-6378

November 30, 2023

NAME__________QOS.ch Sarl Logback denial of servicePlatforms Affected:QOS.ch Sarl Logback 1.4.11Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________QOS.ch Sarl Logback is vulnerable to a...

Mattermost open redirect | CVE-2023-47168

November 30, 2023

NAME__________Mattermost open redirectPlatforms Affected:Mattermost Mattermost Server 7.8.12 Mattermost Mattermost Server 8.1.3 Mattermost Mattermost Server 9.0.1 Mattermost Mattermost Server 9.1.0Risk Level:4.3Exploitability:UnprovenConsequences:Other...

Trellix Enterprise Security Manager (ESM) server-side request forgery | CVE-2023-6070

November 30, 2023

NAME__________Trellix Enterprise Security Manager (ESM) server-side request forgeryPlatforms Affected:Trellix Enterprise Security Manager 11.6.3 Trellix Enterprise Security Manager 11.6.2 Trellix Enterprise...

Jenkins MATLAB Plugin information disclosure | CVE-2023-49656

November 30, 2023

NAME__________Jenkins MATLAB Plugin information disclosurePlatforms Affected:Jenkins MATLAB Plugin 2.11.0Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins MATLAB Plugin could allow a remote authenticated attacker...

Jenkins MATLAB Plugin cross-site request forgery | CVE-2023-49655

November 30, 2023

NAME__________Jenkins MATLAB Plugin cross-site request forgeryPlatforms Affected:Jenkins MATLAB Plugin 2.11.0Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins MATLAB Plugin is vulnerable to cross-site request...

Jenkins Google Compute Engine Plugin information disclosure | CVE-2023-49652

November 30, 2023

NAME__________Jenkins Google Compute Engine Plugin information disclosurePlatforms Affected:Jenkins Google Compute Engine Plugin 4.550.vb_327fca_3db_11Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Google Compute Engine Plugin...

ESKOM Computer e-municipality module information disclosure | CVE-2023-6151

November 30, 2023

NAME__________ESKOM Computer e-municipality module information disclosurePlatforms Affected:ESKOM Computer e-municipality module 104Risk Level:7.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________ESKOM Computer e-municipality module could allow a...

Alumne LMS cross-site scripting | CVE-2023-6359

November 30, 2023

NAME__________Alumne LMS cross-site scriptingPlatforms Affected:Alumne LMS Alumne LMS 4.0.0.1.08Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Alumne LMS is vulnerable to cross-site scripting, caused by...

Jenkins NeuVector Vulnerability Scanner Plugin security bypass | CVE-2023-49674

November 30, 2023

NAME__________Jenkins NeuVector Vulnerability Scanner Plugin security bypassPlatforms Affected:Jenkins NeuVector Vulnerability Scanner Plugin 1.22Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins NeuVector Vulnerability Scanner Plugin...

Jenkins Jira Plugin information disclosure | CVE-2023-49653

November 30, 2023

NAME__________Jenkins Jira Plugin information disclosurePlatforms Affected:Jenkins Jira Plugin 3.11Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Jira Plugin could allow a remote authenticated attacker...

Jenkins MATLAB Plugin security bypass | CVE-2023-49654

November 30, 2023

NAME__________Jenkins MATLAB Plugin security bypassPlatforms Affected:Jenkins MATLAB Plugin 2.11.0Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins MATLAB Plugin could allow a remote authenticated attacker...

Jenkins NeuVector Vulnerability Scanner Plugin cross-site request forgery | CVE-2023-49673

November 30, 2023

NAME__________Jenkins NeuVector Vulnerability Scanner Plugin cross-site request forgeryPlatforms Affected:Jenkins NeuVector Vulnerability Scanner Plugin 1.22Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins NeuVector Vulnerability Scanner...

CVE

VMware Tanzu Reactor Netty denial of service | CVE-2023-34054

Meta Incubator Katran information disclosure | CVE-2023-49062

VMware Tanzu Spring Framework denial of service | CVE-2023-34053

VMware Tanzu Spring Boot denial of service | CVE-2023-34055

Mattermost Server security bypass | CVE-2023-47865

Raptor-Web cross-site scripting | CVE-2023-49078

QOS.ch Sarl Logback denial of service | CVE-2023-6378

Mattermost open redirect | CVE-2023-47168

Trellix Enterprise Security Manager (ESM) server-side request forgery | CVE-2023-6070

Jenkins MATLAB Plugin information disclosure | CVE-2023-49656

Jenkins MATLAB Plugin cross-site request forgery | CVE-2023-49655

Jenkins Google Compute Engine Plugin information disclosure | CVE-2023-49652

ESKOM Computer e-municipality module information disclosure | CVE-2023-6151

Alumne LMS cross-site scripting | CVE-2023-6359

Jenkins NeuVector Vulnerability Scanner Plugin security bypass | CVE-2023-49674

Jenkins Jira Plugin information disclosure | CVE-2023-49653

Jenkins MATLAB Plugin security bypass | CVE-2023-49654

Jenkins NeuVector Vulnerability Scanner Plugin cross-site request forgery | CVE-2023-49673

CSV Feeds PRO module for PrestaShop information disclosure | CVE-2023-46355

Pandora FMS file upload | CVE-2023-41812

Chamilo LMS command execution | CVE-2023-4221

Zyxel products denial of service | CVE-2023-4398

Zyxel products denial of service | CVE-2023-4397

BookingPress Plugin for WordPress file upload | CVE-2023-6219

Cobalt Strike Beacon Detected – 193[.]112[.]83[.]36:8080

Cobalt Strike Beacon Detected – 60[.]204[.]245[.]37:8080

Cobalt Strike Beacon Detected – 118[.]24[.]117[.]221:8080

Cobalt Strike Beacon Detected – 47[.]120[.]13[.]85:8889

Cobalt Strike Beacon Detected – 20[.]41[.]73[.]175:8080

You may have missed