Talos Vulnerability Report TALOS-2024-1941 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability May 28, 2024 CVE Number CVE-2024-23315 SUMMARY A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory...
7.5CVSS
7AI Score
0.001EPSS
Talos Vulnerability Report TALOS-2024-1940 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability May 28, 2024 CVE Number CVE-2024-22187 SUMMARY A write-what-where vulnerability exists in the Programming Software Connection Remote Memory...
9.1CVSS
7.6AI Score
0.001EPSS
Foxit Reader Updater improper certificate validation privilege escalation vulnerability
Talos Vulnerability Report TALOS-2024-1989 Foxit Reader Updater improper certificate validation privilege escalation vulnerability May 28, 2024 CVE Number CVE-2024-29072 SUMMARY A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper....
8.2CVSS
7.6AI Score
0.0004EPSS
Talos Vulnerability Report TALOS-2024-1939 AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24963,CVE-2024-24962 SUMMARY A stack-based buffer overflow vulnerability exists in the Programming Software...
9.8CVSS
8AI Score
0.001EPSS
openSUSE 15 Security Update : opera (openSUSE-SU-2024:0142-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0142-1 advisory. - Update to 110.0.5130.39 * DNA-115603 [Rich Hints] Pass trigger source to the Rich Hint * DNA-116680 Import 0-day fix for CVE-2024-5274 -...
9.6CVSS
7AI Score
0.003EPSS
7.4AI Score
openSUSE: Security Advisory for opera (openSUSE-SU-2024:0142-1)
The remote host is missing an update for...
9.6CVSS
9.2AI Score
0.003EPSS
Linux kernel (Intel IoTG) vulnerabilities
Releases Ubuntu 22.04 LTS Packages linux-intel-iotg - Linux kernel for Intel IoT platforms Details Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically...
7.8CVSS
7.5AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....
6.6AI Score
0.0004EPSS
New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI
Cybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users' credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail. The attack method, called transparent phishing or adversary-in-the-middle...
7.2AI Score
Fedora: Security Advisory for freerdp (FEDORA-2024-050266dc33)
The remote host is missing an update for...
9.8CVSS
8.8AI Score
0.0004EPSS
Fedora: Security Advisory for flatpak (FEDORA-2024-43ea98691e)
The remote host is missing an update for...
8.4CVSS
8.4AI Score
0.0004EPSS
Fedora: Security Advisory for freerdp (FEDORA-2024-c702ea0fb1)
The remote host is missing an update for...
9.8CVSS
8.8AI Score
0.0004EPSS
Fedora: Security Advisory for libreoffice (FEDORA-2024-7989718224)
The remote host is missing an update for...
8.8AI Score
0.0004EPSS
Fedora: Security Advisory for gnome-shell (FEDORA-2024-635a54eb7e)
The remote host is missing an update for...
7.5AI Score
0.0004EPSS
Fedora: Security Advisory for gnome-shell (FEDORA-2024-fd2569c4e9)
The remote host is missing an update for...
7.5AI Score
0.0004EPSS
Fedora: Security Advisory for R (FEDORA-2024-07b7b83a4f)
The remote host is missing an update for...
8.8CVSS
8.8AI Score
0.0004EPSS
Fedora: Security Advisory for flatpak (FEDORA-2024-c8d21fe399)
The remote host is missing an update for...
8.4CVSS
8.4AI Score
0.0004EPSS
Fedora: Security Advisory for R (FEDORA-2024-bc590cb3f1)
The remote host is missing an update for...
8.8CVSS
8.8AI Score
0.0004EPSS
Fedora: Security Advisory for freerdp (FEDORA-2024-1b11432d52)
The remote host is missing an update for...
9.8CVSS
8.8AI Score
0.0004EPSS
Fedora: Security Advisory for freerdp2 (FEDORA-2024-982a7184e0)
The remote host is missing an update for...
9.8CVSS
8.8AI Score
0.0004EPSS
Domainim - A Fast And Comprehensive Tool For Organizational Network Scanning
Domainim is a fast domain reconnaissance tool for organizational network scanning. The tool aims to provide a brief overview of an organization's structure using techniques like OSINT, bruteforcing, DNS resolving etc. Features Current features (v1.0.1)- - Subdomain enumeration (2 engines +...
7.8AI Score
7.8CVSS
6.4AI Score
0.001EPSS
7.8CVSS
6.4AI Score
0.001EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ucode-intel (SUSE-SU-2024:1771-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1771-1 advisory. Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) - CVE-2023-45733: Fixed...
7.9CVSS
7.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....
6.7AI Score
0.0004EPSS
CVE-2021-47514 devlink: fix netns refcount leak in devlink_nl_cmd_reload()
In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....
6.5AI Score
0.0004EPSS
CVE-2021-47514 devlink: fix netns refcount leak in devlink_nl_cmd_reload()
In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....
6.8AI Score
0.0004EPSS
[SECURITY] Fedora 39 Update: libreoffice-7.6.7.2-1.fc39
LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. ...
6.8AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
Security Advisory 0097 PDF Date: May 24, 2024 Revision | Date | Changes ---|---|--- 1.0 | May 24, 2024 | Initial release The CVE-ID tracking this issue: CVE-2023-52424 CVSSv3.1 Base Score: Not indicated by NVD as of 5/23/2024 Description Arista Networks is providing this security update in...
6AI Score
EPSS
7.9CVSS
7.5AI Score
0.0004EPSS
7.2AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....
6.6AI Score
0.0004EPSS
KLA68204 DoS vulnerability in Opera
Type confusion vulnerability was found in Opera. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Opera 110.0.5130.39 Stable update Stable Channel Update for Desktop Exploitation Public exploits exist for this vulnerability. Related products Opera CVE.....
8.8CVSS
6.4AI Score
0.003EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2024:1770-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1770-1 advisory. Update to version 115.11.0 ESR (bsc#1224056): - CVE-2024-4367: Arbitrary JavaScript execution...
8.3AI Score
0.0004EPSS
Stark Industries Solutions: An Iron Hammer in the Cloud
The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government.....
6.8AI Score
gnome-remote-desktop vulnerability
Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information, or take control of remote desktop...
6.8AI Score
EPSS
Tauri is a framework for building binaries for all major desktop platforms. Remote origin iFrames in Tauri applications can access the Tauri IPC endpoints without being explicitly allowed in the dangerousRemoteDomainIpcAccess in v1 and in the capabilities in v2. Valid commands with potentially...
5.9CVSS
7AI Score
0.0004EPSS
Tauri is a framework for building binaries for all major desktop platforms. Remote origin iFrames in Tauri applications can access the Tauri IPC endpoints without being explicitly allowed in the dangerousRemoteDomainIpcAccess in v1 and in the capabilities in v2. Valid commands with potentially...
5.9CVSS
5.9AI Score
0.0004EPSS
CVE-2024-35222 iFrames Bypass Origin Checks for Tauri API Access Control
Tauri is a framework for building binaries for all major desktop platforms. Remote origin iFrames in Tauri applications can access the Tauri IPC endpoints without being explicitly allowed in the dangerousRemoteDomainIpcAccess in v1 and in the capabilities in v2. Valid commands with potentially...
5.9CVSS
5.8AI Score
0.0004EPSS
Go-Secdump - Tool To Remotely Dump Secrets From The Windows Registry
Package go-secdump is a tool built to remotely extract hashes from the SAM registry hive as well as LSA secrets and cached hashes from the SECURITY hive without any remote agent and without touching disk. The tool is built on top of the library go-smb and use it to communicate with the Windows...
7.3AI Score
AutomationDirect Productivity PLCs
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: Productivity PLCs Vulnerabilities: Buffer Access with Incorrect Length Value, Out-of-bounds Write, Stack-based Buffer Overflow, Improper Access Control, Active...
9.8CVSS
10AI Score
0.001EPSS
(RHSA-2024:3304) Important: libreoffice security fix update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
7.1AI Score
0.001EPSS
9.8CVSS
7.5AI Score
0.017EPSS
GNOME Remote Desktop vulnerability
Releases Ubuntu 24.04 LTS Packages gnome-remote-desktop - Remote desktop daemon for GNOME Details Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information, or take...
7.2AI Score
EPSS
KLA68203 DoS vulnerability in Google Chrome
Type confusion vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Stable Channel Update for Desktop Exploitation Public exploits exist for this vulnerability. Related products Google-Chrome CVE list CVE-2024-5274....
8.8CVSS
6.2AI Score
0.003EPSS
Stable Channel Update for Desktop
The Stable channel has been updated to 125.0.6422.112/.113 for Windows, Mac and 125.0.6422.112 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
8.8CVSS
7.3AI Score
0.003EPSS