Lucene search

K

ABB Ability™ Symphony® Plus Operations Security Vulnerabilities

thn
thn

UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying

The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed...

9.8CVSS

8AI Score

0.321EPSS

2024-06-19 03:09 PM
28
cvelist
cvelist

CVE-2024-22263 Arbitrary File Write Vulnerability in Spring Cloud Data Flow

Spring Cloud Data Flow is a microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes. The Skipper server has the ability to receive upload package requests. However, due to improper sanitization for upload path, a malicious user who has access to skipper server api...

8.8CVSS

0.0004EPSS

2024-06-19 02:48 PM
4
vulnrichment
vulnrichment

CVE-2024-22263 Arbitrary File Write Vulnerability in Spring Cloud Data Flow

Spring Cloud Data Flow is a microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes. The Skipper server has the ability to receive upload package requests. However, due to improper sanitization for upload path, a malicious user who has access to skipper server api...

8.8CVSS

7AI Score

0.0004EPSS

2024-06-19 02:48 PM
thn
thn

New Case Study: Unmanaged GTM Tags Become a Security Nightmare

Are your tags really safe with Google Tag Manager? If you've been thinking that using GTM means that your tracking tags and pixels are safely managed, then it might be time to think again. In this article we look at how a big-ticket seller that does business on every continent came unstuck when it....

6.9AI Score

2024-06-19 11:03 AM
15
nvd
nvd

CVE-2024-36480

Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier. If this vulnerability is exploited, an attacker may obtain LocalSystem Account of the PC where the product is installed. As a result, unintended operations may be performed on the...

0.0004EPSS

2024-06-19 07:15 AM
1
cve
cve

CVE-2024-36480

Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier. If this vulnerability is exploited, an attacker may obtain LocalSystem Account of the PC where the product is installed. As a result, unintended operations may be performed on the...

6.9AI Score

0.0004EPSS

2024-06-19 07:15 AM
12
cvelist
cvelist

CVE-2024-36480

Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier. If this vulnerability is exploited, an attacker may obtain LocalSystem Account of the PC where the product is installed. As a result, unintended operations may be performed on the...

0.0004EPSS

2024-06-19 06:40 AM
2
nessus
nessus

Fedora 40 : composer (2024-9ed24c98cd)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9ed24c98cd advisory. Version 2.7.7 2024-06-10 * Security: Fixed command injection via malicious git branch name (GHSA-47f6-5gq3-vx9c / CVE-2024-35241 ) *...

8.8CVSS

9.3AI Score

0.0004EPSS

2024-06-19 12:00 AM
nessus
nessus

CentOS 7 : firefox (RHSA-2024:3951)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3951 advisory. If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects...

7.5AI Score

0.0004EPSS

2024-06-19 12:00 AM
1
ibm
ibm

Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server

Summary IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin CVE-2023-45853, CVE-2023-29267, CVE-2024-25710, CVE-2024-26308, CVE-2023-45178, CVE-2024-28762, CVE-2024-28757, CVE-2024-29025,...

9.8CVSS

6.9AI Score

EPSS

2024-06-18 08:03 PM
1
cve
cve

CVE-2022-23829

A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM...

8.2CVSS

6.8AI Score

0.0004EPSS

2024-06-18 07:15 PM
19
rapid7blog
rapid7blog

Helpful tools to get started in IoT Assessments

The Internet of Things (IoT) can be a daunting field to get into. With many different tools and products available on the market it can be confusing to even know where to start. Having performed dozens of IoT assessments, I felt it would be beneficial to compile a basic list of items that are...

6.9AI Score

2024-06-18 01:00 PM
kitploit
kitploit

CyberChef - The Cyber Swiss Army Knife - A Web App For Encryption, Encoding, Compression And Data Analysis

CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data,...

6.9AI Score

2024-06-18 12:30 PM
5
talosblog
talosblog

Exploring malicious Windows drivers (Part 2): the I/O system, IRPs, stack locations, IOCTLs and more

This blog post is part of a multi-part series, and it is highly recommended to read the first entry here before continuing. As the second entry in our "Exploring malicious Windows drivers" series, we will continue where the first left off: Discussing the I/O system and IRPs. We will expand on...

6.6AI Score

2024-06-18 12:00 PM
5
thn
thn

The Annual SaaS Security Report: 2025 CISO Plans and Priorities

Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part of a growing trend of maturity in this field of cybersecurity, according to a new survey released this month by the Cloud Security Alliance (CSA)....

7.2AI Score

2024-06-18 11:23 AM
12
zdi
zdi

Tenable Nessus Network Monitor Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Tenable Nessus Network Monitor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS

7.1AI Score

0.001EPSS

2024-06-18 12:00 AM
1
zdi
zdi

Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate....

7.4AI Score

0.001EPSS

2024-06-18 12:00 AM
1
openvas
openvas

Ubuntu: Security Advisory (USN-6838-1)

The remote host is missing an update for...

7.1AI Score

EPSS

2024-06-18 12:00 AM
1
zdi
zdi

Toshiba e-STUDIO2518A unzip Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Toshiba e-STUDIO2518A printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the unzip method. The issue results from the lack of proper...

8.8CVSS

7.5AI Score

0.0004EPSS

2024-06-18 12:00 AM
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0226)

The remote host is missing an update for...

7.1AI Score

EPSS

2024-06-18 12:00 AM
zdi
zdi

(0Day) Autodesk AutoCAD IGES File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.2AI Score

EPSS

2024-06-18 12:00 AM
1
zdi
zdi

(0Day) Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Spokes...

7.5AI Score

0.001EPSS

2024-06-18 12:00 AM
f5
f5

K000140043: runc vulnerability CVE-2024-21626

Security Advisory Description runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working...

8.6CVSS

7AI Score

0.051EPSS

2024-06-18 12:00 AM
3
f5
f5

K000140039: Intel QAT vulnerability CVE-2023-32641

Security Advisory Description Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. (CVE-2023-32641) Impact There is no impact; F5 products are not affected by this...

8.8CVSS

7.5AI Score

0.001EPSS

2024-06-18 12:00 AM
4
f5
f5

K000140042: libldap vulnerability CVE-2020-15719

Security Advisory Description libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8.....

4.2CVSS

6.4AI Score

0.002EPSS

2024-06-18 12:00 AM
1
hp
hp

Insyde BIOS June 2024 EDK II Reference Vulnerabilities

Potential EDK II reference code vulnerabilities have been identified in certain HP PC products using Insyde BIOS (Insyde H20 UEFI Firmware), which might allow arbitrary code execution. Inysde has released updates to mitigate the potential vulnerabilities. Insyde has released updates to mitigate...

7.8CVSS

8.2AI Score

0.0004EPSS

2024-06-18 12:00 AM
1
f5
f5

K000140029: libcurl vulnerability CVE-2024-2398

Security Advisory Description When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously...

6.6AI Score

0.0004EPSS

2024-06-18 12:00 AM
8
zdi
zdi

PaperCut NG generateNextFileName Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability. The specific flaw exists within the generateNextFileName method. The issue results from the lack of proper validation of a...

7.2CVSS

7.3AI Score

0.001EPSS

2024-06-18 12:00 AM
zdi
zdi

Hewlett Packard Enterprise OneView startUpgradeCommon Command Injection Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges code on affected installations of Hewlett Packard Enterprise OneView. An attacker must first obtain the ability to execute low-privileged code on the target system or send an HTTP request to a local service in order to exploit this...

7.8CVSS

7.5AI Score

0.012EPSS

2024-06-18 12:00 AM
zdi
zdi

Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability

This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the...

7AI Score

0.001EPSS

2024-06-18 12:00 AM
jvn
jvn

JVN#00442488: Multiple vulnerabilities in Ricoh Streamline NX PC Client

Ricoh Streamline NX PC Client provided by RICOH COMPANY, LTD. contains multiple vulnerabilities listed below. Improper restriction of communication channel to intended endpoints (CWE-923) CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Base Score 6.3 CVE-2024-36252 ricoh-2024-000004 Use of...

7.5AI Score

0.0004EPSS

2024-06-18 12:00 AM
1
f5
f5

K000140040: OpenLDAP slapd vulnerabilities CVE-2020-36230, CVE-2020-36229, CVE-2017-17740, CVE-2017-9287, and CVE-2017-14159

Security Advisory Description CVE-2020-36230 A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. CVE-2020-36229 A flaw was discovered in ldap_X509dn2bv in OpenLDAP before...

7.5CVSS

7.4AI Score

0.915EPSS

2024-06-18 12:00 AM
4
packetstorm

9.8CVSS

7AI Score

0.967EPSS

2024-06-18 12:00 AM
66
cve
cve

CVE-2024-34833

Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability....

7.9AI Score

0.0004EPSS

2024-06-17 09:15 PM
20
nvd
nvd

CVE-2024-34833

Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability....

0.0004EPSS

2024-06-17 09:15 PM
7
mageia
mageia

Updated iperf packages fix security vulnerability

iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of messages....

6.7AI Score

EPSS

2024-06-17 08:44 PM
3
wallarmlab
wallarmlab

Zero-Day Marketplace Explained: How Zerodium, BugTraq, and Fear contributed to the Rise of the Zero-Day Vulnerability Black Market

Whenever a company is notified about or discovers a critical flaw in their system/application that has the potential to be exploited by malicious elements, it’s termed a vulnerability. However, every time a flaw being actively exploited is discovered, code red is punched as the organization’s IT...

7.9AI Score

2024-06-17 08:33 PM
5
osv
osv

ruby2.7, ruby3.0, ruby3.1, ruby3.2 vulnerabilities

It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdoc_options file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2024-27281) It was discovered that the Ruby regex.....

7AI Score

EPSS

2024-06-17 02:24 PM
malwarebytes
malwarebytes

Microsoft Recall delayed after privacy and security concerns

Microsoft has announced it will postpone the broadly available preview of the heavily discussed Recall feature for Copilot+ PCs. Copilot+ PCs are personal computers that come equipped with several artificial intelligence (AI) features. The Recall feature tracks anything from web browsing to voice.....

6.7AI Score

2024-06-17 01:55 PM
4
ibm
ibm

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna packages/liberaries.

Summary IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna. This bulletin identifies the steps required to address these vulnerabilities Vulnerability Details ** CVEID: CVE-2023-6004 DESCRIPTION: **libssh could allow a local...

5.9CVSS

8.6AI Score

EPSS

2024-06-17 11:59 AM
4
thn
thn

What is DevSecOps and Why is it Essential for Secure Software Delivery?

Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive.....

7.4AI Score

2024-06-17 11:26 AM
6
ibm
ibm

Security Bulletin: IBM Maximo Application Suite uses jose-2.0.6.tgz which is vulnerable to CVE-2024-28176.

Summary Security Bulletin: IBM Maximo Application Suite uses jose-2.0.6.tgz which is vulnerable to CVE-2024-28176. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-28176 DESCRIPTION: **Node.js jose module is vulnerable to a...

4.9CVSS

7AI Score

0.0004EPSS

2024-06-17 08:34 AM
1
osv
osv

BIT-elasticsearch-2024-23445

It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body restricts search for a given index using the query or the field_security parameter,...

6.5CVSS

6.9AI Score

0.0004EPSS

2024-06-17 07:18 AM
3
cvelist
cvelist

CVE-2024-34833

Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability....

0.0004EPSS

2024-06-17 12:00 AM
1
ubuntu
ubuntu

Ruby vulnerabilities

Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages ruby2.7 - Object-oriented scripting language ruby3.0 - Object-oriented scripting language ruby3.1 - Object-oriented scripting language ruby3.2 - Object-oriented scripting language Details It was discovered that...

7.4AI Score

EPSS

2024-06-17 12:00 AM
1
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Ruby vulnerabilities (USN-6838-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6838-1 advisory. It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked...

8.1AI Score

EPSS

2024-06-17 12:00 AM
2
wired
wired

Ransomware Attacks Are Getting Worse

Plus: US lawmakers have nothing to say about an Israeli influence campaign aimed at US voters, a former LA Dodgers owner wants to fix the internet, and...

7.2AI Score

2024-06-15 10:30 AM
3
cve
cve

CVE-2024-37369

A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the...

7.1AI Score

0.0004EPSS

2024-06-14 05:15 PM
20
cve
cve

CVE-2024-5659

Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be exploited by sending abnormal packets to the mDNS port. If exploited, the availability of the device...

6.8AI Score

0.0004EPSS

2024-06-14 05:15 PM
23
vulnrichment
vulnrichment

CVE-2024-37369 Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions

A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the...

7AI Score

0.0004EPSS

2024-06-14 04:50 PM
3
Total number of security vulnerabilities104362