K000139217 : BIG-IP TMM tenants on VELOS and rSeries vulnerability CVE-2024-32761
Security Advisory Description Under certain conditions, a potential data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. However, this issue cannot be exploited by an attacker because it is not consistently reproducible and is.....
6.5CVSS
6.8AI Score
0.0004EPSS
K000139037: TMM vulnerability CVE-2024-25560
Security Advisory Description When BIG-IP AFM is licensed and provisioned, and a DNS profile is applied to a virtual server, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. (CVE-2024-25560) Impact Traffic is disrupted while the TMM process restarts. This...
7.5AI Score
0.0004EPSS
K000139553: VPN TunnelVision vulnerability CVE-2024-3661
Security Advisory Description By design, the DHCP protocol does not authenticate messages, including for example the classless static route option (121). An attacker with the ability to send DHCP messages can manipulate routes to redirect VPN traffic, allowing the attacker to read, disrupt, or...
7.6CVSS
7.5AI Score
0.0005EPSS
Summary There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Local - Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics Local - Planning Analytics Workspace 2.1.2 and IBM Planning Analytics Local -...
9.8CVSS
10AI Score
EPSS
This attack has been feasible for over two decades: Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering. TunnelVision,...
7.2AI Score
Summary: Octal Type Handling of Errors in IPv4 Mapped IPv6 Addresses in curl allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on curl. RFC 4291 defines ways to embed an IPv4 address into IPv6 addresses. One of the methods...
8.1CVSS
8.4AI Score
0.001EPSS
An improper authorization level has been detected in the login panel. It may lead to unauthenticated Server Side Request Forgery and allows to perform open services enumeration. Server makes query to provided server (Server IP/DNS field) and is triggering connection to arbitrary...
5.8CVSS
7AI Score
0.0004EPSS
An improper authorization level has been detected in the login panel. It may lead to unauthenticated Server Side Request Forgery and allows to perform open services enumeration. Server makes query to provided server (Server IP/DNS field) and is triggering connection to arbitrary...
5.8CVSS
5.8AI Score
0.0004EPSS
CVE-2023-7240 Broken Access Control leading to SSRF in NetIQ Identity Console
An improper authorization level has been detected in the login panel. It may lead to unauthenticated Server Side Request Forgery and allows to perform open services enumeration. Server makes query to provided server (Server IP/DNS field) and is triggering connection to arbitrary...
5.8CVSS
6AI Score
0.0004EPSS
(RHSA-2024:2721) Important: bind and dhcp security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...
7.8AI Score
0.05EPSS
(RHSA-2024:2720) Important: bind and dhcp security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...
9AI Score
0.05EPSS
K000139532 : Node.js vulnerability CVE-2024-27983
Security Advisory Description An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are...
8.2CVSS
7.9AI Score
0.0004EPSS
RHEL 8 : bind and dhcp (RHSA-2024:2720)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2720 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....
7.5CVSS
7.9AI Score
0.05EPSS
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6765-1 advisory. In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed...
7.8CVSS
7.5AI Score
EPSS
F5 Networks BIG-IP : Node.js vulnerability (K000139532)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139532 advisory. An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames...
8.2CVSS
6.7AI Score
0.0004EPSS
K000139533 : MySQL vulnerability CVE-2024-21090
Security Advisory Description Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...
7.5CVSS
6.9AI Score
0.0005EPSS
RHEL 8 : bind and dhcp (RHSA-2024:2721)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2721 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....
7.5CVSS
8.5AI Score
0.05EPSS
3.7CVSS
4.4AI Score
0.001EPSS
WTI Like Post <= 1.4.6 - IP Spoofing
Description The WTI Like Post plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 1.4.6 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated...
5.3CVSS
6.6AI Score
0.0004EPSS
Why Your VPN May Not Be As Secure As It Claims
Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target's....
6.7AI Score
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to new findings from attack surface management firm Censys. Dubbed ArcaneDoor, the activity is said to have commenced.....
8.6CVSS
7.2AI Score
0.002EPSS
Important: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. The default...
8CVSS
6.5AI Score
0.0004EPSS
An update is available for unbound. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or...
8CVSS
7AI Score
0.0004EPSS
An update is available for dhcp, bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain (BIND) is an implementation of the...
7.5CVSS
7.2AI Score
0.05EPSS
Important: bind and dhcp security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...
7.5CVSS
7.8AI Score
0.05EPSS
New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs
Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that's designed to set up persistence on the infected hosts and act as a spyware. Dubbed Cuckoo by Kandji, the malware is a universal Mach-O binary that's capable of running on both Intel- and...
7.2AI Score
Bouncy Castle Java Cryptography APIs are vulnerable to improper SSL/TLS hostname verification. The vulnerability is due to hostname verification potentially being performed against a DNS-resolved IP address when no explicit hostname is provided, which could lead to DNS poisoning...
6.7AI Score
0.0004EPSS
(RHSA-2024:2696) Important: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387) bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868) A...
7.7AI Score
0.05EPSS
Debian dsa-5680 : affs-modules-6.1.0-21-4kc-malta-di - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5680 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a...
7.8CVSS
6.5AI Score
0.0004EPSS
RHEL 8 : unbound (RHSA-2024:2696)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2696 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fix(es): * bind9: KeyTrap - Extreme CPU...
8CVSS
8.4AI Score
0.05EPSS
Oracle Linux 9 : kernel (ELSA-2024-2394)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2394 advisory. An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results...
9.8CVSS
8.2AI Score
0.003EPSS
Debian dsa-5681 : affs-modules-5.10.0-29-4kc-malta-di - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5681 advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an...
8CVSS
8.2AI Score
0.0005EPSS
Jasmin Ransomware Web Server Unauthenticated SQL Injection
The Jasmin Ransomware web server contains an unauthenticated SQL injection vulnerability within the login functionality. As of April 15, 2024 this was still unpatched, so all versions are vulnerable. The last patch was in 2021, so it will likely not ever be patched. Retrieving the victim's data...
8.3AI Score
0.005EPSS
Exploit for PHP External Variable Modification in Juniper Junos
Automation for Juniper CVE:2023-36845 Overview is a bash...
9.8CVSS
7.3AI Score
0.966EPSS
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients. Changelogs Major changes are documented in the project Announcements:...
5.9AI Score
CVE-2024-26304-RCE-exploits Critical RCE Vulnerabilities in...
9.8CVSS
7.5AI Score
0.0004EPSS
7.4AI Score
7.4AI Score
7.4AI Score
7.4AI Score
7.4AI Score
7.4AI Score
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1490-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1490-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of...
7.8CVSS
7.6AI Score
EPSS
Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...
6.8AI Score
0.0004EPSS
Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...
7AI Score
0.0004EPSS
An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...
6.3AI Score
0.0004EPSS
An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...
6.4AI Score
0.0004EPSS
An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...
7AI Score
0.0004EPSS
MasterParser - Powerful DFIR Tool Designed For Analyzing And Parsing Linux Logs
What is MasterParser ? MasterParser stands as a robust Digital Forensics and Incident Response tool meticulously crafted for the analysis of Linux logs within the var/log directory. Specifically designed to expedite the investigative process for security incidents on Linux systems, MasterParser...
7.5AI Score
Security Bulletin: Vulnerability in node.js package affects IBM Storage Scale GUI (CVE-2023-42282)
Summary There is a vulnerability in node.js package, used by IBM Storage Scale GUI. Fix for this issue is available in all versions. Vulnerability Details ** CVEID: CVE-2023-42282 DESCRIPTION: **Node.js IP package could allow a remote attacker to execute arbitrary code on the system, caused by a...
9.8CVSS
9.8AI Score
0.001EPSS