Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to identity spoofing. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) and Version(s)|...
8.8CVSS
6.8AI Score
0.0004EPSS
Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to identity spoofing. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) and Version(s)|...
8.8CVSS
6.8AI Score
0.0004EPSS
Hfinger - Fingerprinting HTTP Requests
Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :-) Its main objective is to provide unique representations (fingerprints) of malware requests, which help in their identification. Unique means here that each fingerprint should be...
7AI Score
Malicious code in kami-richtext (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (9634fe3bee06c80f43ca27ad558c4834386dc1bb31779583c7911b679f550bff) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
Ease the Burden with AI-Driven Threat Intelligence Reporting
_Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. _ Cybersecurity.....
6.8AI Score
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft
CVE-2024-30088 Bug: Bug is inside function...
7CVSS
7.4AI Score
0.0004EPSS
drupal/drupal is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to the issues in the CKEditor library when configured for WYSIWYG editing, allowing attackers to target users with access to CKEditor, including privileged site...
6.3AI Score
Rory McNamara discovered that when starting the cupsd server with a Listen configuration item, the cupsd process fails to validate if bind call passed. An attacker could possibly trick cupsd to perform an arbitrary chmod of the provided argument, providing world-writable access to the...
4.4CVSS
7.2AI Score
0.0004EPSS
libhibernate3-java vulnerability
It was discovered that Hibernate incorrectly handled certain inputs with unsanitized literals. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive...
7.4CVSS
7.3AI Score
0.004EPSS
Part 1: XZ backdoor story – Initial analysis Part 2: Assessing the Y, and How, of the XZ Utils incident (social engineering) In our first article on the XZ backdoor, we analyzed its code from initial infection to the function hooking it performs. As we mentioned then, its initial goal was to...
8.6AI Score
Improper line feed handling in zenml
A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (\n) characters in component names. When a low-privileged user adds a component through the API endpoint api/v1/workspaces/default/components with a name containing a \n character,....
4.3CVSS
6.6AI Score
0.0004EPSS
Improper line feed handling in zenml
A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (\n) characters in component names. When a low-privileged user adds a component through the API endpoint api/v1/workspaces/default/components with a name containing a \n character,....
4.3CVSS
6.8AI Score
0.0004EPSS
The configuration file is encrypted with a static key derived from a static five-character password which allows an attacker to decrypt this file. The application hashes this five-character password with the outdated and broken MD5 algorithm (no salt) and uses the first five bytes as the key...
0.0004EPSS
The configuration file is encrypted with a static key derived from a static five-character password which allows an attacker to decrypt this file. The application hashes this five-character password with the outdated and broken MD5 algorithm (no salt) and uses the first five bytes as the key...
6.7AI Score
0.0004EPSS
CVE-2024-36496 Hardcoded Credentials
The configuration file is encrypted with a static key derived from a static five-character password which allows an attacker to decrypt this file. The application hashes this five-character password with the outdated and broken MD5 algorithm (no salt) and uses the first five bytes as the key...
7AI Score
0.0004EPSS
CVE-2024-36496 Hardcoded Credentials
The configuration file is encrypted with a static key derived from a static five-character password which allows an attacker to decrypt this file. The application hashes this five-character password with the outdated and broken MD5 algorithm (no salt) and uses the first five bytes as the key...
0.0004EPSS
Red Tape Is Making Hospital Ransomware Attacks Worse
With cyberattacks increasingly targeting health care providers, an arduous bureaucratic process meant to address legal risk is keeping hospitals offline longer, potentially risking...
7.3AI Score
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit...
0.0004EPSS
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit...
6.4AI Score
0.0004EPSS
RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations
A likely China-linked state-sponsored threat actor has been linked to a cyber espionage campaign targeting government, academic, technology, and diplomatic organizations in Taiwan between November 2023 and April 2024. Recorded Future's Insikt Group is tracking the activity under the name...
7.8CVSS
8.6AI Score
0.879EPSS
A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (\n) characters in component names. When a low-privileged user adds a component through the API endpoint api/v1/workspaces/default/components with a name containing a \n character,....
4.3CVSS
0.0004EPSS
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure...
0.0004EPSS
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure...
6.7AI Score
0.0004EPSS
A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (\n) characters in component names. When a low-privileged user adds a component through the API endpoint api/v1/workspaces/default/components with a name containing a \n character,....
4.3CVSS
6.8AI Score
0.0004EPSS
A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (\n) characters in component names. When a low-privileged user adds a component through the API endpoint api/v1/workspaces/default/components with a name containing a \n character,....
4.3CVSS
4.5AI Score
0.0004EPSS
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious...
0.0004EPSS
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious...
7.7AI Score
0.0004EPSS
Summary IBM HTTP Server (IHS) is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. [CVE-2023-52425] Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section....
7.5CVSS
6.9AI Score
0.001EPSS
CVE-2024-24554 Bludit - Insecure Token Generation
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit...
6.7AI Score
0.0004EPSS
CVE-2024-24554 Bludit - Insecure Token Generation
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit...
0.0004EPSS
CVE-2024-24553 Bludit uses SHA1 as Password Hashing Algorithm
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure...
7AI Score
0.0004EPSS
CVE-2024-24553 Bludit uses SHA1 as Password Hashing Algorithm
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure...
0.0004EPSS
A week in security (June 17 – June 23)
Last week on Malwarebytes Labs: Microsoft Recall delayed after privacy and security concerns (Almost) everything you always wanted to know about cybersecurity, but were too afraid to ask, with Tjitske de Vries: Lock and Code S05E13 43% of couples experience pressure to share logins and locations,.....
7.6AI Score
CVE-2024-24550 Bludit - Remote Code Execution (RCE) through File API
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious...
0.0004EPSS
CVE-2024-24550 Bludit - Remote Code Execution (RCE) through File API
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious...
8AI Score
0.0004EPSS
CVE-2024-4460 DoS Vulnerability in zenml-io/zenml
A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (\n) characters in component names. When a low-privileged user adds a component through the API endpoint api/v1/workspaces/default/components with a name containing a \n character,....
4.3CVSS
0.0004EPSS
CVE-2024-4460 DoS Vulnerability in zenml-io/zenml
A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (\n) characters in component names. When a low-privileged user adds a component through the API endpoint api/v1/workspaces/default/components with a name containing a \n character,....
4.3CVSS
6.5AI Score
0.0004EPSS
opencart/opencart is vulnerable to Arbitrary File Creation. The vulnerability is due to insufficient validation in the database restoration functionality, allowing an attacker with admin privileges to inject PHP code and create a backup file with an arbitrary filename and extension within...
7.2CVSS
7AI Score
0.0005EPSS
Multiple Threat Actors Deploying Open-Source Rafel RAT to Target Android Devices
Multiple threat actors, including cyber espionage groups, are employing an open-source Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it as Instagram, WhatsApp, and various e-commerce and antivirus apps. "It provides malicious actors with a....
7.5AI Score
moodle/moodle is vulnerable to Cross-site Scripting (XSS). The vulnerability is caused due to improper validation of user input in the "Field Name" parameter associated with a new activity, which allows an attacker to perform XSS...
5.8AI Score
0.0004EPSS
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, which can then trigger arbitrary LoLLMS-XTTS....
7.6CVSS
0.0004EPSS
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, which can then trigger arbitrary LoLLMS-XTTS....
7.6CVSS
7.6AI Score
0.0004EPSS
CVE-2024-4499 CSRF Vulnerability in parisneo/lollms XTTS Server
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, which can then trigger arbitrary LoLLMS-XTTS....
7.6CVSS
0.0004EPSS
Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages libhibernate3-java - Relational Persistence for Idiomatic Java Details It was discovered that Hibernate incorrectly handled certain inputs with unsanitized literals. If a user or an automated system were tricked into opening...
7.5AI Score
Amazon Linux 2 : webkitgtk4 (ALAS-2024-2577)
The version of webkitgtk4 installed on the remote host is prior to 2.42.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2577 advisory. An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4,...
6.9AI Score
0.0005EPSS
Amazon Linux 2 : golang (ALAS-2024-2576)
The version of golang installed on the remote host is prior to 1.22.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2576 advisory. The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip...
9.8CVSS
8AI Score
0.001EPSS
CentOS 9 : kernel-5.14.0-467.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-467.el9 build changelog. In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not...
5.5CVSS
7.4AI Score
EPSS
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2024-646)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-646 advisory. The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file...
9.8CVSS
8AI Score
0.001EPSS
Buffer Overflow vulnerability in ASUS router RT-AX88U with firmware versions v3.0.0.4.388_24198 allows a remote attacker to execute arbitrary code via the connection_state_machine due to improper length validation for the cookie...
8AI Score
0.0004EPSS
Stable Channel Update for Desktop
The Stable channel has been updated to 126.0.6478.126/127 for Windows, Mac and 126.0.6478.126 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
7.4AI Score
0.0004EPSS