Lucene search

K

Armoury Crate & Aura Creator Installer (ROG Live Service) Security Vulnerabilities

rapid7blog
rapid7blog

Metasploit Weekly Wrap-Up 06/21/2024

Argument Injection for PHP on Windows This week includes modules that target file traversal and arbitrary file read vulnerabilities for software such as Apache, SolarWinds and Check Point, with the highlight being a module for the recent PHP vulnerability submitted by sfewer-r7. This module...

9.8CVSS

8.9AI Score

0.96EPSS

2024-06-21 06:53 PM
2
hackread
hackread

AdsExhaust Adware Distributed in Fake Oculus Installer via Google Search

New adware "AdsExhaust" disguises itself as an Oculus installer to steal screenshots, generate fake clicks, and drain resources. Learn how to protect yourself from AdsExhaust and similar...

7.3AI Score

2024-06-21 05:05 PM
cve
cve

CVE-2022-44593

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through...

3.7CVSS

7AI Score

EPSS

2024-06-21 04:15 PM
nvd
nvd

CVE-2022-44593

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through...

3.7CVSS

EPSS

2024-06-21 04:15 PM
malwarebytes
malwarebytes

First million breached Ticketmaster records released for free

The cybercriminal acting under the name "Sp1d3r" gave away the first 1 million records that are part of the data set that they claimed to have stolen from Ticketmaster/Live Nation. The files were released without a price, for free. When Malwarebytes Labs first learned about this data breach, it...

7.2AI Score

2024-06-21 04:01 PM
3
cvelist
cvelist

CVE-2022-44593 WordPress Solid Security plugin <= 9.3.1 - IP Spoofing Leading to Denial of Service vulnerability

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through...

3.7CVSS

EPSS

2024-06-21 03:56 PM
ibm
ibm

Security Bulletin: Multiple PostgreSQL Vulnerabilities Affect IBM Storage Scale System

Summary There are vulnerabilities in PostgreSQL versions used by IBM Storage Scale System that could allow a remote authenticated attacker to obtain sensitive information or bypass security restrictions, a denial of service and a buffer overflow. IBM Storage Scale System has addressed the...

8.8CVSS

9.5AI Score

0.015EPSS

2024-06-21 03:45 PM
5
ibm
ibm

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Elastic Elasticsearch denial of service vulnerabilitiy.(CVE-2023-31418)

Summary Potential Elastic Elasticsearch denial of service vulnerabilitiy.(CVE-2023-31418) has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID: CVE-2023-31418 ...

7.5CVSS

7.1AI Score

0.001EPSS

2024-06-21 03:01 PM
1
ibm
ibm

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multiple vulnerabilities in Node.js ( CVE-2023-44487, CVE-2023-45143 )

Summary Potential vulnerabilities in Node.js related to the VM component ( CVE-2023-44487, CVE-2023-45143 ) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details.....

7.5CVSS

7.6AI Score

0.732EPSS

2024-06-21 02:39 PM
cve
cve

CVE-2024-6239

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of...

6.5CVSS

6.4AI Score

EPSS

2024-06-21 02:15 PM
4
nvd
nvd

CVE-2024-6239

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of...

6.5CVSS

EPSS

2024-06-21 02:15 PM
2
ibm
ibm

Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty shipped with with IBM CICS TX Advanced

Summary Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issue. Vulnerability Details ** CVEID: CVE-2024-25026 DESCRIPTION: **IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-06-21 01:51 PM
1
thn
thn

Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign

A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA (Europe, Middle East, and Africa) with SugarGh0st malware since at least August 2023. "SneakyChef uses lures that are...

7.3AI Score

2024-06-21 01:42 PM
3
cvelist
cvelist

CVE-2024-6239 Poppler: pdfinfo: crash in broken documents when using -dests parameter

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of...

6.5CVSS

EPSS

2024-06-21 01:28 PM
2
cve
cve

CVE-2024-35768

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

5.9CVSS

5.8AI Score

EPSS

2024-06-21 01:15 PM
3
nvd
nvd

CVE-2024-35768

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

5.9CVSS

EPSS

2024-06-21 01:15 PM
1
ibm
ibm

Security Bulletin: Multiple Linux Kernel vulnerabilities affect IBM Storage Scale System.

Summary There are multiple vulnerabilities in the Linux Kernel, used by IBM Storage Scale System, which could allow a local authenticated attacker to gain elevated privileges on the system. Fixes for these vulnerabilities are available. CVE-2023-51043, CVE-2024-1086, CVE-2024-0646, CVE-2023-6932,.....

7.8CVSS

8.4AI Score

0.011EPSS

2024-06-21 12:54 PM
rapid7blog
rapid7blog

Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks

In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses. The discussion highlighted the dual role of AI in...

7.4AI Score

2024-06-21 12:50 PM
1
cvelist
cvelist

CVE-2024-35768 WordPress Page Builder: Live Composer plugin <= 1.5.42 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

5.9CVSS

EPSS

2024-06-21 12:27 PM
1
vulnrichment
vulnrichment

CVE-2024-35768 WordPress Page Builder: Live Composer plugin <= 1.5.42 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

5.9CVSS

6.8AI Score

EPSS

2024-06-21 12:27 PM
nvd
nvd

CVE-2024-35779

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

6.5CVSS

EPSS

2024-06-21 12:15 PM
1
cve
cve

CVE-2024-35779

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

6.5CVSS

6.5AI Score

EPSS

2024-06-21 12:15 PM
2
talosblog
talosblog

Unveiling SpiceRAT: SneakyChef's latest tool targeting EMEA and Asia

Cisco Talos discovered a new remote access trojan (RAT) dubbed SpiceRAT, used by the threat actor SneakyChef in a recent campaign targeting government agencies in EMEA and Asia. We observed that SneakyChef launched a phishing campaign, sending emails delivering SugarGh0st and SpiceRAT with the...

7.5AI Score

2024-06-21 12:00 PM
2
cvelist
cvelist

CVE-2024-35779 WordPress Page Builder: Live Composer plugin <= 1.5.42 - Contributor+ Shortcode Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

6.5CVSS

EPSS

2024-06-21 11:40 AM
2
ibm
ibm

Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities (CVE-2023-46589)

Summary IBM Security SOAR uses an older version of ElasticSearch that may be identified and exploited. An update has been released which addresses these issues. It is recommended upgrading to Version 51.0.2.1 or later of IBM Security SOAR. Vulnerability Details ** CVEID: CVE-2024-23450 ...

7.5CVSS

6.9AI Score

0.005EPSS

2024-06-21 11:20 AM
1
schneier
schneier

Ross Anderson’s Memorial Service

The memorial service for Ross Anderson will be held on Saturday, at 2:00 PM BST. People can attend remotely on Zoom. (The passcode is...

7.4AI Score

2024-06-21 11:04 AM
thn
thn

How to Use Tines's SOC Automation Capability Matrix

Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents. A...

7AI Score

2024-06-21 11:00 AM
26
thn
thn

Oyster Backdoor Spreading via Trojanized Popular Software Downloads

A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster (aka Broomstick and CleanUpLoader). That's according to findings from Rapid7, which identified lookalike websites hosting the malicious...

7.5AI Score

2024-06-21 09:51 AM
5
ibm
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java may affect IBM Storage Protect for Space Management

Summary IBM Storage Protect for Space Management can be affected by security flaws in IBM Java. The flaws can lead to denial of service, confidentiality impact, integrity impact, availability impact, and sensitive information disclosure, as described in the "Vulnerability Details" section....

7.5CVSS

7.7AI Score

0.001EPSS

2024-06-21 07:32 AM
3
redhatcve
redhatcve

CVE-2024-6239

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of...

6.5CVSS

6.3AI Score

EPSS

2024-06-21 05:05 AM
2
thn
thn

U.S. Bans Kaspersky Software, Citing National Security Risks

The U.S. Department of Commerce's Bureau of Industry and Security (BIS) on Thursday announced a "first of its kind" ban that prohibits Kaspersky Lab's U.S. subsidiary from directly or indirectly offering its security software in the country. The blockade also extends to the cybersecurity company's....

6.9AI Score

2024-06-21 04:25 AM
13
ibm
ibm

Security Bulletin: IBM i is vulnerable to a local privilege escalation due to a flaw in IBM TCP/IP Connectivity Utilities for i [CVE-2024-31890].

Summary IBM i is vulnerable to a local user with command line access gaining elevated privilege due to a flaw in IBM TCP/IP Connectivity Utilities for i as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the...

7.8CVSS

6.9AI Score

EPSS

2024-06-21 04:24 AM
2
impervablog
impervablog

PCI DSS 4.0.1: New Clarifications on Client-Side Security – What You Need to Know

As a leading provider of web application and API security solutions, Imperva is committed to helping merchants, payment processors, and anyone seeking to comply with the latest PCI DSS requirements. We previously discussed the changes introduced in PCI DSS 4.0. This blog will cover the...

7.1AI Score

2024-06-21 12:46 AM
3
nessus
nessus

Dell Client BIOS DoS (DSA-2024-168)

Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service. Note that Nessus has not tested for this issue but has instead relied only on the...

7AI Score

2024-06-21 12:00 AM
nessus
nessus

RHEL 8 : ovn-2021 (RHSA-2024:4035)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4035 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add ...

6.5CVSS

7.3AI Score

0.0005EPSS

2024-06-21 12:00 AM
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for google-cloud SDK (SUSE-SU-SUSE-RU-2024:1637-2)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1637-2 advisory. - Add python311 cloud services packages and dependencies (jsc#PED-7987, jsc#PED-6697) - Bellow 5....

7.5CVSS

7.3AI Score

0.001EPSS

2024-06-21 12:00 AM
1
openvas
openvas

Ubuntu: Security Advisory (USN-6842-1)

The remote host is missing an update for...

6.5CVSS

7.5AI Score

0.001EPSS

2024-06-21 12:00 AM
ibm
ibm

Security Bulletin: TSSC/IMC is vulnerable to aritrary code excecution due to curl (CVE-2023-27536, CVE-2023-28321)

Summary TSSC/IMC is vulnerable to aritrary code excecution due to cURL. A patch has been provided that updates the curl library. (CVE-2023-30630, CVE-2023-28321) Vulnerability Details ** CVEID: CVE-2023-27536 DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security...

7.1CVSS

7.5AI Score

0.002EPSS

2024-06-20 11:50 PM
4
ibm
ibm

Security Bulletin: TSSC/IMC is vulnerable to a denial of service attack due to ncruses (CVE-2023-29491)

Summary TSSC/IMC is vulnerable to a denial of service attack due to ncruses (CVE-2023-29491). A patch has been provided that updates the Dmidecode library. Vulnerability Details ** CVEID: CVE-2023-29491 DESCRIPTION: **ncurses is vulnerable to a denial of service, caused by a memory corruption...

7.8CVSS

6.8AI Score

0.0004EPSS

2024-06-20 11:48 PM
3
ibm
ibm

Security Bulletin: TSSC/IMC is vulnerable to aritrary code excecution due to Java (CVE-2023-22081)

Summary TSSC/IMC is vulnerable to aritrary code excecution due to Dmidecode. A patch has been provided that updates the Java library. (CVE-2023-22081) Vulnerability Details ** CVEID: CVE-2023-22081 DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow a...

5.3CVSS

6.8AI Score

0.001EPSS

2024-06-20 11:41 PM
3
cve
cve

CVE-2024-35246

An attacker may be able to cause a denial-of-service condition by sending many packets...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-06-20 11:15 PM
8
nvd
nvd

CVE-2024-35246

An attacker may be able to cause a denial-of-service condition by sending many packets...

7.5CVSS

0.0004EPSS

2024-06-20 11:15 PM
2
nvd
nvd

CVE-2024-32943

An attacker may be able to cause a denial-of-service condition by sending many SSH packets...

7.5CVSS

0.0004EPSS

2024-06-20 11:15 PM
1
cve
cve

CVE-2024-32943

An attacker may be able to cause a denial-of-service condition by sending many SSH packets...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-06-20 11:15 PM
10
vulnrichment
vulnrichment

CVE-2024-32943 Westermo L210-F2G Lynx Improper Control of Interaction Frequency

An attacker may be able to cause a denial-of-service condition by sending many SSH packets...

7.5CVSS

6.7AI Score

0.0004EPSS

2024-06-20 10:12 PM
cvelist
cvelist

CVE-2024-32943 Westermo L210-F2G Lynx Improper Control of Interaction Frequency

An attacker may be able to cause a denial-of-service condition by sending many SSH packets...

7.5CVSS

0.0004EPSS

2024-06-20 10:12 PM
2
cvelist
cvelist

CVE-2024-35246 Westermo L210-F2G Lynx Improper Control of Interaction Frequency

An attacker may be able to cause a denial-of-service condition by sending many packets...

7.5CVSS

0.0004EPSS

2024-06-20 10:11 PM
4
ibm
ibm

Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2024-0853)

Summary Vulnerability in cURL libcurl could allow a remote attacker to bypass security restrictions (CVE-2024-0853). AIX uses cURL libcurl as part of rsyslog, LV/PV encryption integration with HPCS and in Live Update for interacting with HMC. Vulnerability Details ** CVEID: CVE-2024-0853 ...

5.3CVSS

6.2AI Score

0.001EPSS

2024-06-20 10:03 PM
ibm
ibm

Security Bulletin: TSSC/IMC is vulnerable to aritrary code excecution due to Dmidecode (CVE-2023-30630)

Summary TSSC/IMC is vulnerable to aritrary code excecution due to Dmidecode. A patch has been provided that updates the Dmidecode library. (CVE-2023-30630) Vulnerability Details ** CVEID: CVE-2023-30630 DESCRIPTION: **Dmidecode could allow a local authetnicated attacker to bypass security...

7.1CVSS

6.9AI Score

0.0004EPSS

2024-06-20 09:42 PM
nvd
nvd

CVE-2024-30848

Cross-site scripting (XSS) vulnerability in SilverSky E-mail service version 5.0.3126 allows remote attackers to inject arbitrary web script or HTML via the version...

0.0004EPSS

2024-06-20 09:15 PM
1
Total number of security vulnerabilities481953