CVE

Grav code execution | CVE-2023-34252

June 16, 2023

NAME__________Grav code executionPlatforms Affected:Grav Grav 1.7.40Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Grav could allow a remote authenticated attacker to execute arbitrary code on...

Jenkins Dimensions Plugin information disclosure | CVE-2023-32262

June 16, 2023

NAME__________Jenkins Dimensions Plugin information disclosurePlatforms Affected:Jenkins Dimensions Plugin 0.9.3Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Dimensions Plugin could allow a remote authenticated attacker...

Grav code execution | CVE-2023-34253

June 16, 2023

Jenkins Digital.ai App Management Publisher Plugin security bypass | CVE-2023-35149

June 16, 2023

NAME__________Jenkins Digital.ai App Management Publisher Plugin security bypassPlatforms Affected:Jenkins Digital.ai App Management Publisher Plugin 2.6Risk Level:4.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins Digital.ai App...

Jenkins Digital.ai App Management Publisher Plugin cross-site request forgery | CVE-2023-35148

June 16, 2023

NAME__________Jenkins Digital.ai App Management Publisher Plugin cross-site request forgeryPlatforms Affected:Jenkins Digital.ai App Management Publisher Plugin 2.6Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Digital.ai...

Grav code execution | CVE-2023-34448

June 16, 2023

Tang information disclosure | CVE-2023-1672

June 16, 2023

NAME__________Tang information disclosurePlatforms Affected:Tang Tang 13 Tang Tang 12 Tang Tang 11Risk Level:5.3Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________Tang could allow a...

Palo Alto Networks PAN-OS cross-site scripting | CVE-2023-0010

June 16, 2023

NAME__________Palo Alto Networks PAN-OS cross-site scriptingPlatforms Affected:Palo Alto Networks PAN-OS 8.1 Palo Alto Networks PAN-OS 9.1.0 Palo Alto Networks PAN-OS...

Jenkins Checkmarx Plugin man-in-the-middle | CVE-2023-35142

June 16, 2023

NAME__________Jenkins Checkmarx Plugin man-in-the-middlePlatforms Affected:Jenkins Checkmarx Plugin 2022.4.3Risk Level:5.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Checkmarx Plugin is vulnerable to a man-in-the-middle attack, caused...

Grav cross-site scripting | CVE-2023-34452

June 16, 2023

NAME__________Grav cross-site scriptingPlatforms Affected:Grav Grav 1.7.42Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Grav is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

X.Org libX11 denial of service | CVE-2023-3138

June 16, 2023

NAME__________X.Org libX11 denial of servicePlatforms Affected:X.Org libX11 1.8.5Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________X.Org libX11 is vulnerable to a denial of service,...

Palo Alto Networks GlobalProtect App for Windows privilege escalation | CVE-2023-0009

June 16, 2023

NAME__________Palo Alto Networks GlobalProtect App for Windows privilege escalationPlatforms Affected:Palo Alto Networks GlobalProtect app for Windows 5.2 Palo Alto Networks...

Jenkins Dimensions Plugin information disclosure | CVE-2023-32261

June 16, 2023

NAME__________Jenkins Dimensions Plugin information disclosurePlatforms Affected:Jenkins Dimensions Plugin 0.9.3Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Dimensions Plugin could allow a remote authenticated attacker...

Parity Technologies ink! security bypass | CVE-2023-34449

June 16, 2023

NAME__________Parity Technologies ink! security bypassPlatforms Affected:Parity Technologies ink! 4.2.0Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Parity Technologies ink! could allow a remote attacker to...

SUBNET PowerSYSTEM Center denial of service | CVE-2023-29158

June 16, 2023

NAME__________SUBNET PowerSYSTEM Center denial of servicePlatforms Affected:SUBNET PowerSYSTEM CenterRisk Level:6.1Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________SUBNET PowerSYSTEM Center is vulnerable to a denial...

SUBNET PowerSYSTEM Center cross-site scripting | CVE-2023-32659

June 16, 2023

NAME__________SUBNET PowerSYSTEM Center cross-site scriptingPlatforms Affected:SUBNET PowerSYSTEM CenterRisk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SUBNET PowerSYSTEM Center is vulnerable to cross-site scripting, caused by...

Keystone open redirect | CVE-2023-34247

June 15, 2023

NAME__________Keystone open redirectPlatforms Affected:Keystone KeystoneRisk Level:6.1Exploitability:UnprovenConsequences:Other DESCRIPTION__________Keystone could allow a remote authenticated attacker to conduct phishing attacks, caused by an...

Fortinet FortiOS and FortiProxy code execution | CVE-2022-43953

June 15, 2023

NAME__________Fortinet FortiOS and FortiProxy code executionPlatforms Affected:Fortinet FortiOS 6.4.0 Fortinet FortiOS 7.0.0 Fortinet FortiProxy 7.0.0 Fortinet FortiOS 7.2.0 Fortinet FortiProxy...

Schneider Electric EcoStruxure Foxboro DCS Control Core Services execution | CVE-2023-2569

June 15, 2023

NAME__________Schneider Electric EcoStruxure Foxboro DCS Control Core Services executionPlatforms Affected:Schneider Electric EcoStruxure Foxboro DCS Control Core ServicesRisk Level:7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Schneider...

CVE

Grav code execution | CVE-2023-34252

Jenkins Dimensions Plugin information disclosure | CVE-2023-32262

Grav code execution | CVE-2023-34253

Jenkins Digital.ai App Management Publisher Plugin security bypass | CVE-2023-35149

Jenkins Digital.ai App Management Publisher Plugin cross-site request forgery | CVE-2023-35148

Grav code execution | CVE-2023-34448

Tang information disclosure | CVE-2023-1672

Palo Alto Networks PAN-OS cross-site scripting | CVE-2023-0010

Jenkins Checkmarx Plugin man-in-the-middle | CVE-2023-35142

Grav cross-site scripting | CVE-2023-34452

X.Org libX11 denial of service | CVE-2023-3138

Palo Alto Networks GlobalProtect App for Windows privilege escalation | CVE-2023-0009

Jenkins Dimensions Plugin information disclosure | CVE-2023-32261

Parity Technologies ink! security bypass | CVE-2023-34449

SUBNET PowerSYSTEM Center denial of service | CVE-2023-29158

SUBNET PowerSYSTEM Center cross-site scripting | CVE-2023-32659

Keystone open redirect | CVE-2023-34247

Fortinet FortiOS and FortiProxy code execution | CVE-2022-43953

Schneider Electric EcoStruxure Foxboro DCS Control Core Services execution | CVE-2023-2569

Shipyaari Shipping Management plugin for WordPress cross-site scripting | CVE-2023-26528

Call Now Accessibility Button plugin for WordPress cross-site scripting | CVE-2023-28933

Contact Forms by Cimatti plugin for WordPress cross-site request forgery | CVE-2023-2563

Were Open plugin for WordPress cross-site scripting | CVE-2023-25964

WP Abstracts Plugin for WordPress cross-site scripting | CVE-2023-29385

[INCRANSOM] – Ransomware Victim: VZW Avalon

Ai Layoffs To Backfire: Half Quietly Rehired At Lower Pay

[BLACKSHRANTAC] – Ransomware Victim: The Matlusky Firm LLC

[QILIN] – Ransomware Victim: bagnoles[.]nl

[BLACKSHRANTAC] – Ransomware Victim: ApleNet Co[.], Ltd

You may have missed