View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.9 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: MACH SCM Vulnerabilities: Improper Control of Generation of Code, Improper Neutralization of Directives in Dynamically Evaluated Code 2. RISK EVALUATION Successful exploitation of these...
8.3AI Score
0.0004EPSS
Multiple Vulnerabilities in Hitachi Energy RTU500 Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerabilities: Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow the...
7.3AI Score
0.0004EPSS
Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Vulnerabilities: Exposed Dangerous Method or Function, Absolute Path Traversal,...
8.6AI Score
0.001EPSS
Rockwell Automation 5015-AENFTXT (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 5015-AENFTXT Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the...
7.6AI Score
0.0004EPSS
Siemens RUGGEDCOM APE1808 Devices Configured with Palo Alto Networks Virtual NGFW
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
8.5AI Score
0.957EPSS
Exploit for Code Injection in Crushftp
CVE-2024-4040 - Exploit Scanners Introduction This...
9.7AI Score
0.959EPSS
Ubuntu 16.04 LTS / 18.04 LTS : Dnsmasq vulnerabilities (USN-6657-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6657-2 advisory. An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of...
7.7AI Score
Juniper Junos OS Vulnerability (JSA79105)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79105 advisory. An Incorrect Calculation of Buffer Size vulnerability in Juniper Networks Junos OS SRX 5000 Series devices using SPC2 line cards while ALGs are enabled allows an...
7.1AI Score
Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6743-3)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6743-3 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, the...
7AI Score
Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-1944 Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability April 25, 2024 CVE Number CVE-2024-25569 SUMMARY An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A...
6.5AI Score
0.0004EPSS
pyLoad allows upload to arbitrary folder lead to RCE
Summary An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution Details example version: 0.5 file:src/pyload/webui/app/blueprints/app_blueprint.py python @bp.route("/render/<path:filename>", endpoint="render") de...
7.2AI Score
0.0004EPSS
pyLoad allows upload to arbitrary folder lead to RCE
Summary An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution Details example version: 0.5 file:src/pyload/webui/app/blueprints/app_blueprint.py python @bp.route("/render/<path:filename>", endpoint="render") de...
7.1AI Score
0.0004EPSS
CHAOS v5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to control remote operating systems. The webapp contains a remote command execution vulnerability which can be triggered by an authenticated user when generating a new executable. The webapp also...
6.8AI Score
0.0004EPSS
Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity
CVE-2023-42793 - TeamCity Admin Account Creation lead to RCE ...
10AI Score
0.97EPSS
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
*Updated 2024-04-25 16:57 GMT with minor wording corrections regarding the targeting of other vendors. ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are...
8.3AI Score
0.942EPSS
7.3AI Score
7.9AI Score
0.975EPSS
imet2000-pal.org Cross Site Scripting vulnerability OBB-3921694
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
C2-Tracker - Live Feed Of C2 Servers, Tools, And Botnets
Free to use IOC feed for various tools/malware. It started out for just C2 tools but has morphed into tracking infostealers and botnets as well. It uses shodan.io/">Shodan searches to collect the IPs. The most recent collection is always stored in data; the IPs are broken down by tool and there ...
7.1AI Score
Ubuntu 20.04 LTS : Squid vulnerability (USN-6728-3)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6728-3 advisory. Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug....
7.4AI Score
Oracle Linux 7 : kernel (ELSA-2024-2004)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2004 advisory. A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local...
7.7AI Score
RHEL 8 : kernel (RHSA-2024:2006)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2006 advisory. kernel: netfilter: divide error in nft_limit_init (CVE-2021-46915) kernel: use-after-free in smb2_is_status_io_timeout()...
7.7AI Score
RHEL 8 : kernel-rt (RHSA-2024:2008)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2008 advisory. kernel: netfilter: divide error in nft_limit_init (CVE-2021-46915) kernel: use-after-free in smb2_is_status_io_timeout()...
7.7AI Score
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6742-2)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6742-2 advisory. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain...
7.4AI Score
RHEL 7 : kernel (RHSA-2024:2004)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2004 advisory. kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558) ...
7.9AI Score
RHEL 6 : qemu-kvm-rhev (RHSA-2017:1441)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1441 advisory. Qemu: cirrus: heap buffer overflow via vnc connection (CVE-2016-9603) Qemu: VNC: memory corruption due to unchecked resolution limit...
8.1AI Score
RHEL 7 : kernel-rt (RHSA-2024:2003)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2003 advisory. kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558) ...
7.9AI Score
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise
Rapid7 vulnerability researcher Ryan Emmons contributed to this blog. On Friday, April 19, 2024, managed file transfer vendor CrushFTP released information to a private mailing list on a new zero-day vulnerability affecting versions below 10.7.1 and 11.1.0 (as well as legacy 9.x versions) across...
10CVSS
10AI Score
0.959EPSS
Mitsubishi Electric Electrical Discharge Machines (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: Electrical discharge machines Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...
9.5AI Score
0.959EPSS
CrushFTP VFS - Sandbox Escape LFR
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS...
9.2AI Score
0.959EPSS
German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R. "The suspects...
6.8AI Score
Exploit for Code Injection in Crushftp
CVE-2024-4040 - exploit scanners This repository contains...
9.5AI Score
0.959EPSS
9.8CVSS
9.9AI Score
0.008EPSS
Ubuntu 22.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-6743-2)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6743-2 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, the...
6.7AI Score
RHEL 8 : kpatch-patch (RHSA-2024:1961)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1961 advisory. kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812) Note that Nessus has not tested for this issue...
8.8AI Score
Ubuntu 20.04 LTS : Pillow vulnerability (USN-6744-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6744-2 advisory. In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. (CVE-2024-28219) Note that Nessus has not...
6.9AI Score
10CVSS
9.8AI Score
0.937EPSS
Oracle Linux 6 : kernel (ELSA-2024-1831)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1831 advisory. An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation....
7.3AI Score
openSUSE: Security Advisory for tomcat (SUSE-SU-2024:1345-1)
The remote host is missing an update for...
7.6AI Score
0.0004EPSS
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution Exploit
A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7.0.10. FortiClient EMS serves as an endpoint management solution tailored for enterprises, offering a centralized platform for overseeing enrolled...
10AI Score
0.711EPSS
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code...
Exploit for Exposure of Private Personal Information to an Unauthorized Actor in Easyappointments
CVE-2022-0482 Vulnerability Exploitation Introduction This...
7.2AI Score
0.192EPSS
ToddyCat is making holes in your infrastructure
We continue covering the activities of the APT group ToddyCat. In our previous article, we described tools for collecting and exfiltrating files (LoFiSe and PcExter). This time, we have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts...
7.6AI Score
Exploit for Vulnerability in Reportlab
CVE-2023-33733 on Reportlab v3.6.12 This lab was set up to...
7.8CVSS
7.6AI Score
0.001EPSS
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code...
10AI Score
0.964EPSS
7.4AI Score
9.8AI Score
0.957EPSS
7.4AI Score
0.957EPSS
7.4AI Score
kshs.org Cross Site Scripting vulnerability OBB-3918946
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score