Advanced Ads – Ad Manager & AdSense Security Vulnerabilities

CVE-2023-43538 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in TZ Secure OS

Memory corruption in TZ Secure OS while Tunnel Invoke Manager...

IT threat evolution in Q1 2024. Non-mobile statistics

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data. Quarterly.....

Andariel Hackers Target South Korean Institutes with New Dora RAT Malware

The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea. "Keylogger, Infostealer, and proxy tools on top of the...

Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware

Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2). "Fake browser updates have been responsible for numerous malware infections, including those of the well-known SocGholish malware,"...

RHEL 6 : tcpdump (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tcpdump: multiple overflow issues in protocol decoding (CVE-2017-5486) Integer underflow in the...

K000139877: Linux kernel vulnerabilities CVE-2021-47076 and CVE-2021-47080

Security Advisory Description CVE-2021-47076 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused the following kernel panic if someone sent an atomic...

SUSE: Security Advisory (SUSE-SU-2024:1874-1)

The remote host is missing an update for...

RHEL 8 : qemu-kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682) The ahci_commit_buf...

CVE-2024-36041

[ksmserver: Unauthorized users can access session...

K000139880: Intel CPU/BIOS vulnerabilities CVE-2023-28402, CVE-2023-27504, and CVE-2023-28383

Security Advisory Description CVE-2023-28402 Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-27504 Improper conditions check in some Intel(R) BIOS Guard firmware may allow a...

RHEL 7 : camel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. hibernate-validator: Privilege escalation when running under the security manager (CVE-2017-7536) Note that Nessus...

RHEL 5 : libldb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. samba, libldb: remote memory read in the Samba LDAP server (CVE-2015-5330) The ldb_wildcard_compare...

K000139876: Linux kernel vulnerability CVE-2021-46955

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets:...

RHEL 6 : tomcat5 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tomcat: security manager bypass via IntrospectHelper utility function (CVE-2016-5018) The Realm...

RHEL 5 : subscription-manager (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. subscription-manager: sensitive world readable files in /var/lib/rhsm/ (CVE-2016-4455) Note that Nessus has not...

RHEL 8 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. squid: lack of UID assignment in child process spawning could lead to privileges escalation ...

RHEL 7 : tcpdump (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tcpdump: SMB data printing mishandled (CVE-2018-10105) Integer underflow in the olsr_print function in...

RHEL 6 : 389-ds-base (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. 389-ds-base: Password brute-force possible for locked account due to different return codes ...

RHEL 6 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssh: loading of untrusted PKCS#11 modules in ssh-agent (CVE-2016-10009) openssh: Bounds check can be...

RHEL 5 : tomcat5 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tomcat: security manager bypass via IntrospectHelper utility function (CVE-2016-5018) tomcat: Remote...

RHEL 6 : gdm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gdm: lock screen bypass when timed login is enabled (CVE-2019-3825) vicious-extensions/ve-misc.c in...

RHEL 9 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. squid: exposure of sensitive information in cache manager (CVE-2022-41317) Rejected reason: DO NOT USE...

SUSE: Security Advisory (SUSE-SU-2024:1895-1)

The remote host is missing an update for...

RHEL 7 : ovirt-engine-backend (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ovirt-engine: connection does not validate certificate attributes. (CVE-2014-3706) Red Hat Enterprise...

Admin Notices Manager < 1.5.0 - Missing Authorization to Authenticated (Subscriber+) User Email Retrieval

Description The Admin Notices Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handle_ajax_call() function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with subscriber-level access....

RHEL 4 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssh: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (CVE-2015-5600) openssh:...

RHEL 7 : nettle (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nettle: Leaky data conversion exposing a manager oracle (CVE-2018-16869) A flaw was found in the way...

RHEL 7 : libldb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results...

ORing IAP-420 2.01e Cross Site Scripting / Command Injection Vulnerabilities

...

BWL Advanced FAQ Manager 2.0.3 SQL Injection Vulnerability

...

Ticketmaster confirms customer data breach

Live Nation Entertainment has confirmed what everyone has been speculating on for the last week: Ticketmaster has suffered a data breach. In a filing with the SEC, Live Nation said on May 20th it identified "unauthorized activity within a third-party cloud database environment containing Company...

CVE-2024-36041

ksmserver: Unauthorized users can access session...

CVE-2024-2295

The Contact Form Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [xyz-cfm-form] shortcode in all versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-2295

The Contact Form Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [xyz-cfm-form] shortcode in all versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-2295 Contact Form Manager <= 1.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Contact Form Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [xyz-cfm-form] shortcode in all versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-2295 Contact Form Manager <= 1.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Contact Form Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [xyz-cfm-form] shortcode in all versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

AI Company Hugging Face Detects Unauthorized Access to Its Spaces Platform

Artificial Intelligence (AI) company Hugging Face on Friday disclosed that it detected unauthorized access to its Spaces platform earlier this week. "We have suspicions that a subset of Spaces' secrets could have been accessed without authorization," it said in an advisory. Spaces offers a way for....

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : Java (SUSE-SU-2024:1874-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1874-1 advisory. This update for Java fixes thefollowing issues: apiguardian was updated to vesion 1.1.2: - Added...

Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2024-3267)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3267 advisory. bind-dyndb-ldap custodia ipa [4.9.13-9.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [9.4.13-9] - dcerpc:...

CVE-2024-22058

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and...

CVE-2024-22058

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and...

CVE-2024-22058

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and...

CVE-2024-22058

A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and...

Mysterious Cyber Attack Took Down 600,000+ Routers in the U.S.

More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users' access to the internet. The mysterious event, which took place between October 25 and 27, 2023,....

How to tell if a VPN app added your Windows device to a botnet

On May 29, 2024, the US Department of Justice (DOJ) announced it had dismantled what was likely the world’s largest botnet ever. This botnet, called “911 S5,” infected systems at over 19 million IP addresses across more than 190 countries. The main sources of income for the operators, who stole a.....

Security Bulletin: Maximo Asset Management: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2024 - Includes Oracle April 2024 CPU plus CVE-2023-38264

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions (including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities).....

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices

Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023. "These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices...

How AI Will Change Democracy

I don't think it's an exaggeration to predict that artificial intelligence will affect every aspect of our society. Not by doing new things. But mostly by doing things that are already being done by humans, perfectly competently. Replacing humans with AIs isn't necessarily interesting. But when an....

CVE-2024-4160

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpdm-all-packages' shortcode in all versions up to, and including, 3.2.90 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-4160

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpdm-all-packages' shortcode in all versions up to, and including, 3.2.90 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...