7.4AI Score
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1870-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1870-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following...
7.8CVSS
8.9AI Score
EPSS
10CVSS
7.1AI Score
0.001EPSS
7.1AI Score
0.001EPSS
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-069)
The version of kernel installed on the remote host is prior to 5.4.276-189.376. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-069 advisory. 2024-06-19: CVE-2024-36905 was added to this advisory. 2024-06-19: CVE-2024-36959 was added to this...
6.7AI Score
0.0005EPSS
K000139859: Envoy vulnerability CVE-2024-30255
Security Advisory Description Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send an....
5.3CVSS
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...
6.6AI Score
0.0004EPSS
CVE-2024-36928 s390/qeth: Fix kernel panic after setting hsuid
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...
6.8AI Score
0.0004EPSS
CVE-2024-36928 s390/qeth: Fix kernel panic after setting hsuid
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...
6.4AI Score
0.0004EPSS
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. "These vulnerabilities are found in various WordPress plugins and are...
8.3CVSS
6.1AI Score
0.0005EPSS
Symfony2 improper IP based access control
Damien Tournoud, from the Drupal security team, contacted us two days ago about a security issue in the Request::getClientIp() method when the trust proxy mode is enabled (Request::trustProxyData()). An application is vulnerable if it uses the client IP address as returned by the...
7.1AI Score
Symfony2 improper IP based access control
Damien Tournoud, from the Drupal security team, contacted us two days ago about a security issue in the Request::getClientIp() method when the trust proxy mode is enabled (Request::trustProxyData()). An application is vulnerable if it uses the client IP address as returned by the...
7.1AI Score
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
By Anna Bennett, Nicole Hoffman, Asheer Malhotra, Sean Taylor and Brandon White. Cisco Talos is disclosing a new suspected data theft campaign, active since at least 2021, we attribute to an advanced persistent threat actor (APT) we're calling "LilacSquid." LilacSquid's victimology includes a...
7.8AI Score
Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update C)
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, iQ-L Series and MELIPC Series Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could...
7.5CVSS
7.7AI Score
0.002EPSS
U.S. Dismantles World's Largest 911 S5 Botnet with 19 Million Infected Devices
The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses. The botnet, which has a global...
7.5AI Score
MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without...
9.8CVSS
9.7AI Score
0.001EPSS
MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without...
9.8CVSS
7.1AI Score
0.001EPSS
CVE-2024-5514 MinMax CMS - Hidden Functionality
MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without...
9.8CVSS
7.2AI Score
0.001EPSS
CVE-2024-5514 MinMax CMS - Hidden Functionality
MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without...
9.8CVSS
9.7AI Score
0.001EPSS
Symfony2 security issue when the trust proxy mode is enabled
An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp() method for sensitive decisions like IP based access control. To fix this security issue, the following changes have been made to all versions of Symfony2: A new Request::setTrustedProxies()...
7.1AI Score
Symfony2 security issue when the trust proxy mode is enabled
An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp() method for sensitive decisions like IP based access control. To fix this security issue, the following changes have been made to all versions of Symfony2: A new Request::setTrustedProxies()...
7.1AI Score
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1766)
The remote host is missing an update for the Huawei...
7.3CVSS
6.7AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1743)
The remote host is missing an update for the Huawei...
7.3CVSS
6.7AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...
7AI Score
0.0004EPSS
7.4AI Score
Cisco IOS XE Software Internet Key Exchange Version 1 Fragmentation DoS (cisco-sa-ikev1-NO2ccFWz)
According to its self-reported version, Cisco IOS-XE Software is affected by multiple vulnerabilities. A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an...
8.6CVSS
7.4AI Score
0.0004EPSS
Cisco IOS Software Internet Key Exchange Version 1 Fragmentation DoS (cisco-sa-ikev1-NO2ccFWz)
According to its self-reported version, Cisco IOS is affected by multiple vulnerabilities. A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected...
8.6CVSS
7.5AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1717)
The remote host is missing an update for the Huawei...
7.3CVSS
6.7AI Score
0.001EPSS
EulerOS 2.0 SP12 : libuv (EulerOS-SA-2024-1743)
According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...
7.3CVSS
6.5AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1728)
The remote host is missing an update for the Huawei...
7.3CVSS
6.7AI Score
0.001EPSS
Aquatronica Control System 5.1.6 Passwords Leak Vulnerability
Title: Aquatronica Control System 5.1.6 Passwords Leak Vulnerability Advisory ID: ZSL-2024-5824 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS, Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data Risk: (5/5) Release Date:...
7.5AI Score
EulerOS 2.0 SP12 : libuv (EulerOS-SA-2024-1766)
According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...
7.3CVSS
6.5AI Score
0.001EPSS
7.1AI Score
0.0004EPSS
Is Your Computer Part of ‘The Largest Botnet Ever?’
The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called "likely the world's largest botnet ever." The arrest coincided with the seizure of the 911 S5 website and...
7.4AI Score
Exploit for Deserialization of Untrusted Data in Apache Activemq
honeypot.rs Honeypot that scopes [CVE-2023-46604 (Apache...
7.3AI Score
A tool to generate a wordlist from the information present in LDAP, in order to crack non-random passwords of domain accounts. Features The bigger the domain is, the better the wordlist will be. [x] Creates a wordlist based on the following information found in the LDAP: [x] User: name and...
7.3AI Score
New Research Warns About Weak Offboarding Management and Insider Risks
A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. Employee offboarding is typically seen as a routine administrative task, but it can pose substantial...
6.9AI Score
Microsoft Uncovers 'Moonstone Sleet' — New North Korean Hacker Group
A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously...
7.4AI Score
Binding To An Unrestricted IP Address
dbt-core is vulnerable to Binding to an Unrestricted IP Address. The vulnerability is due to the binding of INADDR_ANY or IN6ADDR_ANY to any network interface on the local system (not just localhost), which exposes the application on all network interfaces. An attacker can gain unauthorized access....
5.3CVSS
6.7AI Score
0.0004EPSS
The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based...
6.6AI Score
0.0004EPSS
The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based...
9.4AI Score
0.0004EPSS
CVE-2024-3050 Site Reviews < 7.0.0 - IP Spoofing
The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based...
6.7AI Score
0.0004EPSS
CVE-2024-3050 Site Reviews < 7.0.0 - IP Spoofing
The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based...
9.4AI Score
0.0004EPSS
EulerOS Virtualization 2.11.0 : libuv (EulerOS-SA-2024-1728)
According to the versions of the libuv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in...
7.3CVSS
6.5AI Score
0.001EPSS
EulerOS Virtualization 2.11.1 : libuv (EulerOS-SA-2024-1717)
According to the versions of the libuv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in...
7.3CVSS
6.9AI Score
0.001EPSS
K000139627: NGINX HTTP/3 QUIC vulnerability CVE-2024-34161
Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously...
5.3CVSS
7.1AI Score
0.0004EPSS
K000139612: NGINX HTTP/3 QUIC vulnerability CVE-2024-35200
Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate. (CVE-2024-35200) Note: This issue affects NGINX systems compiled with the ngx_http_v3_module module, where the...
5.3CVSS
7.2AI Score
0.0004EPSS
K000139609: NGINX HTTP/3 QUIC vulnerability CVE-2024-32760
Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause other potential impact. (CVE-2024-32760) Note: This issue affects NGINX systems compiled with the.....
6.5CVSS
7.3AI Score
0.0004EPSS