Tag: 2024-09-23

1 Attack Reports | 63 Vulnerabilities

Attack reports

From initial compromise to ransomware and wipers

The Twelve group, formed in April 2023 amid the Russian-Ukrainian conflict, specializes in attacking Russian government organizations. Their attacks involve encrypting and deleting victims' data, causing maximum damage without seeking financial gain. The group uses publicly available tools like Cob…
cobalt strike
chaos
2024-09-23
facefish
lockbit 3.0
shamoon
Published: September 23, 2024
Linked vulnerabilities : CVE-2021-22005, CVE-2021-21972
Downloadable IOCs: 20
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-9014

9.9
    pgAdmin
Published: September 23, 2024

CVE-2024-9090

9.8
    Mayurik
  • Modern Loan Management System
Published: September 23, 2024

CVE-2024-9091

9.8
    Code-Projects
  • Student Record System
Published: September 23, 2024

CVE-2024-9094

9.8
    Code-Projects
  • Blood Bank System
Published: September 23, 2024

CVE-2024-34331

9.8
    Parallels Desktop for Mac
Published: September 23, 2024

CVE-2024-46997

9.8
    Dataease
  • Dataease
Published: September 23, 2024

CVE-2024-0001

9.8
    Purestorage
  • Purity\/\/Fa
Published: September 23, 2024

CVE-2024-0002

9.8
    Purestorage
  • Purity\/\/Fa
Published: September 23, 2024

CVE-2024-47222

9.8
    Myoffice
  • My Office Sdk
Published: September 23, 2024

CVE-2024-7024

9.3
    Google Chrome
Published: September 23, 2024

CVE-2024-8606

8.8
    Checkmk
  • Checkmk
Published: September 23, 2024

CVE-2024-23934

8.8
    Sony XAV-AX5500
Published: September 23, 2024

CVE-2024-47066

8.8
    Lobehub
  • Lobe Chat
Published: September 23, 2024

CVE-2024-0005

8.8
    Purestorage
  • Purity\/\/Fa
  • Purity\/\/Fb
Published: September 23, 2024

CVE-2024-37779

8.8
    WoodWing Elvis DAM
Published: September 23, 2024

CVE-2021-38023

8.8
    Google Chrome
Published: September 23, 2024

CVE-2024-7018

8.8
    Google Chrome
Published: September 23, 2024

CVE-2024-7022

8.8
    Google Chrome
Published: September 23, 2024

CVE-2024-7023

8.0
    Google Chrome
Published: September 23, 2024

CVE-2018-20072

7.8
    Google
  • Chrome
Published: September 23, 2024

CVE-2024-41228

7.6
    AliyunContainerService pouch
Published: September 23, 2024

CVE-2024-46639

7.6
    HelpDeskZ
Published: September 23, 2024

CVE-2024-43989

7.5
    Justified Image Grid
Published: September 23, 2024

CVE-2024-46985

7.5
    Dataease
  • Dataease
Published: September 23, 2024

CVE-2024-42861

7.5
    Linuxptp Project
  • Linuxptp
Published: September 23, 2024

CVE-2024-9093

7.2
    Rems
  • Profile Registration Without Reload\/Refresh
Published: September 23, 2024

CVE-2024-40442

7.2
    Doccano
Published: September 23, 2024

CVE-2024-0003

7.2
    Purestorage
  • Purity\/\/Fa
Published: September 23, 2024

CVE-2024-0004

7.2
    Purestorage
  • Purity\/\/Fa
Published: September 23, 2024

CVE-2024-39842

7.2
    Centreon
Published: September 23, 2024

CVE-2024-23922

6.8
    Sony
  • Xav-Ax5500 Firmware
  • Xav-Ax5500
Published: September 23, 2024

CVE-2024-23933

6.8
    Sony XAV-AX5500 CarPlay
Published: September 23, 2024

CVE-2024-23972

6.8
    Sony
  • Xav-Ax5500 Firmware
  • Xav-Ax5500
Published: September 23, 2024

CVE-2024-39843

6.7
    Centreon
Published: September 23, 2024

CVE-2024-40441

6.6
    Doccano Open source annotation tools
    Doccano Auto Labeling Pipeline module
Published: September 23, 2024

CVE-2024-39342

6.6
    Entrust Instant Financial Issuance (formerly known as Cardwizard)
Published: September 23, 2024

CVE-2024-44540

6.6
    Ubiquiti AirMax firmware
Published: September 23, 2024

CVE-2024-43996

6.5
    ElementsKit Pro
Published: September 23, 2024

CVE-2024-44048

6.5
    wpWax Product Carousel Slider & Grid Ultimate for WooCommerce
Published: September 23, 2024

CVE-2024-45348

6.4
    Xiaomi Router AX9000
Published: September 23, 2024

CVE-2024-9092

6.1
    Rems
  • Profile Registration Without Reload\/Refresh
Published: September 23, 2024

CVE-2024-47227

6.1
    Iredmail
  • Iredadmin
Published: September 23, 2024

CVE-2024-47068

6.1
    Rollupjs
  • Rollup
Published: September 23, 2024

CVE-2024-47069

6.1
    Oveleon
  • Cookiebar
Published: September 23, 2024

CVE-2024-8770

6.1
    Github
  • Enterprise Server
Published: September 23, 2024

CVE-2024-46241

5.9
    Dairy Farm Shop Management System
Published: September 23, 2024

CVE-2024-43201

5.9
    Planetfitness
  • Planet Fitness Workouts
    Apple
    Google
Published: September 23, 2024

CVE-2024-9089

5.4
    Mayurik
  • Modern Loan Management System
Published: September 23, 2024

CVE-2024-7846

5.4
    YITH WooCommerce Ajax Search
Published: September 23, 2024

CVE-2023-46948

5.4
    Temenos T24 Browser
Published: September 23, 2024

CVE-2024-8758

4.8
    Expresstech
  • Quiz And Survey Master
Published: September 23, 2024

CVE-2024-8903

4.7
    Acronis Cyber Protect Cloud Agent (Windows, macOS)
Published: September 23, 2024

CVE-2023-7281

4.3
    Google Chrome
Published: September 23, 2024

CVE-2023-7282

4.3
    Google Chrome
Published: September 23, 2024

CVE-2024-7019

4.3
    Google Chrome
Published: September 23, 2024

CVE-2024-7020

4.3
    Google Chrome
Published: September 23, 2024

CVE-2024-45453

3.7
    Maintenance Redirect
Published: September 23, 2024

CVE-2024-8263

2.7
    Github
  • Enterprise Server
Published: September 23, 2024

CVE-2022-48945

None
    Linux kernel
Published: September 23, 2024

CVE-2024-46544

None
    Apache Tomcat Connectors
Published: September 23, 2024

CVE-2024-7735

None
    Exnet Informatics Software Ferry Reservation System
Published: September 23, 2024

CVE-2024-7835

None
    Exnet Informatics Software Ferry Reservation System
Published: September 23, 2024

CVE-2024-39341

None
    Entrust Instant Financial Issuance (On Premise) Software (formerly known as Cardwizard)
Published: September 23, 2024
Click here to see more Vulnerabilities