Moderate: sssd security and bug fix update
The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end...
7.2AI Score
0.0004EPSS
Stable Channel Update for Desktop
The Stable channel has been updated to 124.0.6367.118/.119 for Windows, Mac and 124.0.6367.118 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Extended Stable channel has been updated to 124.0.6367.118 for Mac and Windows.....
7.7AI Score
0.0004EPSS
Moderate: sssd security and bug fix update
The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end...
7.4AI Score
0.0004EPSS
Amazon Linux 2 : firefox (ALASFIREFOX-2024-024)
The version of firefox installed on the remote host is prior to 115.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-024 advisory. An attacker was able to inject an event handler into a privileged object that would allow arbitrary ...
8.1AI Score
The Grandstream UCM Series IP PBX before firmware version 1.0.20.52 is affected by a parameter injection vulnerability in the HTTP interface. A remote and authenticated attacker can execute arbitrary code by sending a crafted HTTP request. Authentication may be possible using a default user and...
8.8CVSS
8.5AI Score
0.0004EPSS
CVE-2024-0840 Grandstream UCM Series IP PBX HTTP Parameter Injection
The Grandstream UCM Series IP PBX before firmware version 1.0.20.52 is affected by a parameter injection vulnerability in the HTTP interface. A remote and authenticated attacker can execute arbitrary code by sending a crafted HTTP request. Authentication may be possible using a default user and...
8.2AI Score
0.0004EPSS
CodeQL zero to hero part 3: Security research with CodeQL
I've written a bit in the past about static analysis (CodeQL zero to hero part 1: Fundamentals of static analysis) and basics of writing CodeQL queries (CodeQL zero to hero part 2: Getting started with CodeQL). Today, I want to dig deeper about CodeQL and talk about variant analysis, writing a...
8.3AI Score
Fedora 40 : yyjson (2024-8c48a81cb9)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8c48a81cb9 advisory. yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is...
7.7AI Score
7.5AI Score
0.0004EPSS
7.5AI Score
0.0004EPSS
CentOS 8 : firefox (CESA-2024:1912)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:1912 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites....
7.3AI Score
Fedora 40 : firefox (2024-c6a1d4e0ec)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c6a1d4e0ec advisory. There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory...
7.9AI Score
The Bug Report - April 2024 Edition
The Bug Report - April 2024 Edition By Jonathan Omakun and Tobi Olawale· April 29, 2024 Why am I here? Just when you thought it was safe to go back into the digital waters, out pops another series of rogue waves in the form of CVEs! It's like that beach vacation you planned to get away from it...
8.9AI Score
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential stuffing attacks aimed at online services. These unprecedented attacks, observed over the last month, are said to be facilitated by "the broad availability of residential...
6.8AI Score
RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2019:1150)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1150 advisory. rubygems: Delete directory using symlink when decompressing tar (CVE-2019-8320) rubygems: Escape sequence injection vulnerability in...
7.9AI Score
Updated firefox packages fix security vulnerabilities
CVE-2024-3852: GetBoundName in the JIT returned the wrong object CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection CVE-2024-2609: Permission prompt input delay could expire when not...
7.6AI Score
0.0004EPSS
Updated thunderbird packages fix security vulnerabilities
CVE-2024-3852: GetBoundName in the JIT returned the wrong object CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection CVE-2024-2609: Permission prompt input delay could expire when not...
7.4AI Score
0.0004EPSS
RHEL 7 : rh-ruby25-ruby (RHSA-2019:1148)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1148 advisory. rubygems: Delete directory using symlink when decompressing tar (CVE-2019-8320) rubygems: Escape sequence injection vulnerability in...
8.3AI Score
RHEL 5 : kernel (RHSA-2019:1932)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1932 advisory. kernel: Exploitable memory corruption due to UFO to non-UFO path switch (CVE-2017-1000112) Note that Nessus has not tested for this issue but has...
7AI Score
RHEL 5 : kernel (RHSA-2019:1931)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1931 advisory. kernel: Exploitable memory corruption due to UFO to non-UFO path switch (CVE-2017-1000112) Note that Nessus has not tested for this issue but has...
7AI Score
openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2024:1437-1)
The remote host is missing an update for...
6.8AI Score
0.0004EPSS
CentOS 7 : thunderbird (RHSA-2024:1935)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1935 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites....
7.3AI Score
Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series (Update A)
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R Series/iQ-F Series EtherNet/IP Modules and EtherNet/IP Configuration Tool Vulnerabilities: Weak Password Requirements, Use of Hard-coded Credentials, Missing...
7.8AI Score
0.001EPSS
Mitsubishi Electric MELSEC Series CPU Module (Update D)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC Series CPU module Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a...
8.2AI Score
0.004EPSS
Multiple Vulnerabilities in Hitachi Energy RTU500 Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerabilities: Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow the...
7.3AI Score
0.0004EPSS
Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-1935 Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability April 25, 2024 CVE Number CVE-2024-22373 SUMMARY An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu...
7.9AI Score
0.001EPSS
Juniper Junos OS Vulnerability (JSA79105)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79105 advisory. An Incorrect Calculation of Buffer Size vulnerability in Juniper Networks Junos OS SRX 5000 Series devices using SPC2 line cards while ALGs are enabled allows an...
7.1AI Score
RHEL 9 : thunderbird (RHSA-2024:1938)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1938 advisory. Mozilla: Permission prompt input delay could expire when not in focus (CVE-2024-2609) Mozilla: Denial of Service using HTTP/2...
7.7AI Score
RHEL 8 : thunderbird (RHSA-2024:1939)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1939 advisory. Mozilla: Permission prompt input delay could expire when not in focus (CVE-2024-2609) Mozilla: Denial of Service using HTTP/2...
7.4AI Score
RHEL 9 : thunderbird (RHSA-2024:1940)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1940 advisory. Mozilla: Permission prompt input delay could expire when not in focus (CVE-2024-2609) Mozilla: Denial of Service using HTTP/2...
7.4AI Score
RHEL 8 : thunderbird (RHSA-2024:1936)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1936 advisory. Mozilla: Permission prompt input delay could expire when not in focus (CVE-2024-2609) Mozilla: Denial of Service using HTTP/2...
7.4AI Score
RHEL 7 : thunderbird (RHSA-2024:1935)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1935 advisory. Mozilla: Permission prompt input delay could expire when not in focus (CVE-2024-2609) Mozilla: Denial of Service using HTTP/2...
7.4AI Score
RHEL 8 : thunderbird (RHSA-2024:1937)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1937 advisory. Mozilla: Permission prompt input delay could expire when not in focus (CVE-2024-2609) Mozilla: Denial of Service using HTTP/2...
7.4AI Score
Unveiling the Hidden Power of the CMDB in Cybersecurity
In the ever-evolving landscape of cybersecurity, where attacks grow increasingly sophisticated, organizations must leverage every tool at their disposal to stay one step ahead. While CISOs and SecOps teams often focus on disciplines such as vulnerability detection, attack surface management, and...
6.9AI Score
A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or...
8.8CVSS
7.3AI Score
0.0004EPSS
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root. This...
8.7CVSS
7.9AI Score
0.0004EPSS
A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with...
7.4AI Score
0.0004EPSS
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.....
7.4AI Score
0.002EPSS
A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary...
7.5AI Score
0.001EPSS
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
*Updated 2024-04-25 16:57 GMT with minor wording corrections regarding the targeting of other vendors. ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are...
8.3AI Score
0.942EPSS
Dan Solove on Privacy Regulation
Law professor Dan Solove has a new article on privacy regulation. In his email to me, he writes: "I’ve been pondering privacy consent for more than a decade, and I think I finally made a breakthrough with this article." His mini-abstract: In this Article I argue that most of the time, privacy...
7.2AI Score
Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users
Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered weaknesses in eight of nine apps from vendors like Baidu, Honor, iFlytek, OPPO, Samsung, Tencent,...
7.2AI Score
HTML attributes vs DOM properties
Attributes and properties are fundamentally different things. You can have an attribute and property of the same name set to different values. For example: <div>…</div> <script> const div = document.querySelector('div[foo=bar]'); console.log(div.getAttribute('foo')); // 'bar' ...
6.5AI Score
RHEL 8 : thunderbird (RHSA-2024:1982)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1982 advisory. Mozilla: Permission prompt input delay could expire when not in focus (CVE-2024-2609) Mozilla: Denial of Service using HTTP/2...
6.9AI Score
Stable Channel Update for Desktop
The Stable channel has been updated to 124.0.6367.78/.79 for Windows and Mac and 124.0.6367.78 to Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Extended Stable channel has been updated to 124.0.6367.78/.79 for Windows and...
7.7AI Score
0.0004EPSS
libreswan security and bug fix update
[4.12-1.0.1.1] - Add libreswan-oracle.patch to detect Oracle Linux distro [4.12-1.1] - Fix CVE-2024-2357 (RHEL-29734) - x509: unpack IPv6 general names based on length (RHEL-32719) [4.12-1] - Update to 4.12 to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 - Resolves: rhbz#2215956 [4.9-5] -...
7.5AI Score
0.0004EPSS
Software: xz 5.2.2 OS: rosa-server79 package_evr_string: xz-5.2.2.2-2 CVE-ID: CVE-2024-3094 BDU-ID: 2024-02406 CVE-Crit: CRITICAL. CVE-DESC.: Malicious code was discovered in xz source archives starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process...
9.6AI Score
0.133EPSS
Software: xz 5.2.4 OS: ROSA Virtualization 2.1 package_evr_string: xz-5.2.4-1 CVE-ID: CVE-2024-3094 BDU-ID: 2024-02406 CVE-Crit: CRITICAL. CVE-DESC.: Malicious code was discovered in xz source archives starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process....
9.6AI Score
0.133EPSS
software: xz 5.2.9 AXIS: ROSA-CHROME package_evr_string: xz-5.2.9-1 CVE-ID: CVE-2024-3094 BDU-ID: 2024-02406 CVE-Crit: CRITICAL. CVE-DESC.: Malicious code was discovered in the xz source archives starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process...
9.6AI Score
0.133EPSS
Mitsubishi Electric Electrical Discharge Machines (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: Electrical discharge machines Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...
9.5AI Score
0.959EPSS