CVE

GitLab privilege escalation | CVE-2023-3915

September 1, 2023

NAME__________GitLab privilege escalationPlatforms Affected:GitLab Community Edition 16.2.4 GitLab Community Edition 16.3.0 GitLab Enterprise Edition 16.3.0 GitLab Enterprise Edition 16.2.4 GitLab...

iframe popup plugin for WordPress cross-site scripting | CVE-2023-24394

August 31, 2023

NAME__________iframe popup plugin for WordPress cross-site scriptingPlatforms Affected:WordPress iframe popup Plugin for WordPress 3.3Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________iframe popup Login Plugin...

Spipu HTML2PDF cross-site scripting | CVE-2023-39062

August 31, 2023

NAME__________Spipu HTML2PDF cross-site scriptingPlatforms Affected:Spipu HTML2PDF 5.2.3 Spipu HTML2PDF 5.2.4 Spipu HTML2PDF 5.2.5 Spipu HTML2PDF 5.2.6 Spipu HTML2PDF 5.2.7Risk Level:6.1Exploitability:HighConsequences:Cross-Site...

NeoMind Fusion Platform cross-site scripting | CVE-2023-4534

August 31, 2023

NAME__________NeoMind Fusion Platform cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________NeoMind Fusion Platform is vulnerable to cross-site scripting, caused by improper validation...

Free and Open Source Inventory Management System cross-site scripting | CVE-2023-39707

August 31, 2023

NAME__________Free and Open Source Inventory Management System cross-site scriptingPlatforms Affected:Sourcecodester Free and Open Source Inventory Management System 1.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting...

jupyter-server information disclosure | CVE-2023-40170

August 31, 2023

NAME__________jupyter-server information disclosurePlatforms Affected:jupyter-server jupyter-server 2.7.1Risk Level:4.6Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________jupyter-server could allow a remote authetnicated attacker to obtain sensitive information, caused...

Metal3 ironic-image security bypass | CVE-2023-40585

August 31, 2023

NAME__________Metal3 ironic-image security bypassPlatforms Affected:Metal3 ironic-image capm3-v1.4.2Risk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Metal3 ironic-image could allow a remote attacker to bypass security restrictions,...

Webiny cross-site scripting | CVE-2023-41167

August 31, 2023

NAME__________Webiny cross-site scriptingPlatforms Affected:webiny webiny 5.37.1Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Webiny is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

giflib buffer overflow | CVE-2023-39742

August 31, 2023

NAME__________giflib buffer overflowPlatforms Affected:GIFLIB GIFLIB 5.2.1Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________giflib is vulnerable to a heap-based buffer overflow, caused by a segmentation...

Free and Open Source Inventory Management System cross-site scripting | CVE-2023-39708

August 31, 2023

Free and Open Source Inventory Management System cross-site scripting | CVE-2023-39709

August 31, 2023

OpenFGA information disclosure | CVE-2023-40579

August 31, 2023

NAME__________OpenFGA information disclosurePlatforms Affected:OpenFGA OpenFGA 1.3.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenFGA could allow a remote authenticated attacker to obtain sensitive information, caused...

FRRouting FRR and Pica8 PICOS denial of service | CVE-2023-38802

August 31, 2023

NAME__________FRRouting FRR and Pica8 PICOS denial of servicePlatforms Affected:FRRouting FRRouting 9.0 Pica8 PICOS 4.3.3.2Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________FRRouting FRR and...

Samsung Exynos Mobile Processor and Wearable Processor denial of service | CVE-2023-36481

August 31, 2023

NAME__________Samsung Exynos Mobile Processor and Wearable Processor denial of servicePlatforms Affected:Samsung Exynos Mobile Processor Samsung Exynos Wearable ProcessorRisk Level:7.5Exploitability:UnprovenConsequences:Denial of...

Spinnaker weak security | CVE-2023-39348

August 31, 2023

NAME__________Spinnaker weak securityPlatforms Affected:Spinnaker Spinnaker 1.31.0 Spinnaker Spinnaker 1.30.2 Spinnaker Spinnaker 1.29.5 Spinnaker Spinnaker 1.28.7Risk Level:4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Spinnaker could provide...

Busybox directory traversal | CVE-2023-39810

August 31, 2023

NAME__________Busybox directory traversalPlatforms Affected:Busybox BusyboxRisk Level:6.1Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Busybox could allow a local attacker to traverse directories on the system, caused...

Badaso cross-site scripting | CVE-2023-38969

August 31, 2023

NAME__________Badaso cross-site scriptingPlatforms Affected:Badaso Badaso 2.9.7Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Badaso is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

SpringBlade SQL injection | CVE-2023-40787

August 31, 2023

NAME__________SpringBlade SQL injectionPlatforms Affected:SpringBlade SpringBlade 3.6.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________SpringBlade is vulnerable to SQL injection. A remote attacker could send specially...

haraj security bypass |

August 31, 2023

NAME__________haraj security bypassPlatforms Affected:haraj haraj 1.1Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________haraj could allow a remote attacker to bypass security restrictions, caused by...

MyBB code execution | CVE-2023-41362

August 31, 2023

NAME__________MyBB code executionPlatforms Affected:MyBB MyBB 1.8.35Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________MyBB could allow a remote authenticated attacker to execute arbitrary code on...

jupyter-server open redirect | CVE-2023-39968

August 31, 2023

NAME__________jupyter-server open redirectPlatforms Affected:jupyter-server jupyter-server 2.7.1Risk Level:4.3Exploitability:UnprovenConsequences:Other DESCRIPTION__________jupyter-server could allow a remote attacker to conduct phishing attacks, caused by an...

Hitachi HiRDB weak security | CVE-2023-1995

August 31, 2023

NAME__________Hitachi HiRDB weak securityPlatforms Affected:Hitachi HiRDB Server Hitachi HiRDB Server With Addtional Function Hitachi HiRDB Structured Data Access FacilityRisk Level:5.3Exploitability:UnprovenConsequences:Gain...

Blue-Collar i-Gallery information disclosure |

August 31, 2023

NAME__________Blue-Collar i-Gallery information disclosurePlatforms Affected:Blue-Collar i-Gallery 3.4Risk Level:7.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________Blue-Collar i-Gallery could allow a remote attacker to obtain...

HumHub directory traversal |

August 31, 2023

NAME__________HumHub directory traversalPlatforms Affected:HumHub HumHub 1.3.13Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________HumHub could allow a remote attacker to traverse directories on the system,...

CVE

GitLab privilege escalation | CVE-2023-3915

iframe popup plugin for WordPress cross-site scripting | CVE-2023-24394

Spipu HTML2PDF cross-site scripting | CVE-2023-39062

NeoMind Fusion Platform cross-site scripting | CVE-2023-4534

Free and Open Source Inventory Management System cross-site scripting | CVE-2023-39707

jupyter-server information disclosure | CVE-2023-40170

Metal3 ironic-image security bypass | CVE-2023-40585

Webiny cross-site scripting | CVE-2023-41167

giflib buffer overflow | CVE-2023-39742

Free and Open Source Inventory Management System cross-site scripting | CVE-2023-39708

Free and Open Source Inventory Management System cross-site scripting | CVE-2023-39709

OpenFGA information disclosure | CVE-2023-40579

FRRouting FRR and Pica8 PICOS denial of service | CVE-2023-38802

Samsung Exynos Mobile Processor and Wearable Processor denial of service | CVE-2023-36481

Spinnaker weak security | CVE-2023-39348

Busybox directory traversal | CVE-2023-39810

Badaso cross-site scripting | CVE-2023-38969

SpringBlade SQL injection | CVE-2023-40787

haraj security bypass |

MyBB code execution | CVE-2023-41362

jupyter-server open redirect | CVE-2023-39968

Hitachi HiRDB weak security | CVE-2023-1995

Blue-Collar i-Gallery information disclosure |

HumHub directory traversal |

Cobalt Strike Beacon Detected – 121[.]43[.]37[.]134:4434

Cobalt Strike Beacon Detected – 119[.]29[.]231[.]118:443

Cobalt Strike Beacon Detected – 39[.]101[.]74[.]162:443

Cobalt Strike Beacon Detected – 8[.]218[.]112[.]112:8880

Cobalt Strike Beacon Detected – 47[.]109[.]48[.]57:443

You may have missed