Lucene search

K

BIG-IP (Advanced WAF, APM, ASM) Security Vulnerabilities

krebs
krebs

‘Operation Endgame’ Hits Malware Delivery Platforms

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed "the largest ever operation against botnets," the international effort.....

7.1AI Score

2024-05-30 03:19 PM
2
thn
thn

RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware, which now...

10CVSS

10AI Score

0.976EPSS

2024-05-30 02:24 PM
5
thn
thn

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. "These vulnerabilities are found in various WordPress plugins and are...

8.3CVSS

6.1AI Score

0.0005EPSS

2024-05-30 01:49 PM
4
osv
osv

Symfony2 improper IP based access control

Damien Tournoud, from the Drupal security team, contacted us two days ago about a security issue in the Request::getClientIp() method when the trust proxy mode is enabled (Request::trustProxyData()). An application is vulnerable if it uses the client IP address as returned by the...

7.1AI Score

2024-05-30 12:35 PM
4
github
github

Symfony2 improper IP based access control

Damien Tournoud, from the Drupal security team, contacted us two days ago about a security issue in the Request::getClientIp() method when the trust proxy mode is enabled (Request::trustProxyData()). An application is vulnerable if it uses the client IP address as returned by the...

7.1AI Score

2024-05-30 12:35 PM
5
talosblog
talosblog

LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader

By Anna Bennett, Nicole Hoffman, Asheer Malhotra, Sean Taylor and Brandon White. Cisco Talos is disclosing a new suspected data theft campaign, active since at least 2021, we attribute to an advanced persistent threat actor (APT) we're calling "LilacSquid." LilacSquid's victimology includes a...

7.8AI Score

2024-05-30 12:01 PM
8
ics
ics

Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update C)

EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, iQ-L Series and MELIPC Series Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.5CVSS

7.7AI Score

0.002EPSS

2024-05-30 12:00 PM
22
thn
thn

How to Build Your Autonomous SOC Strategy

Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from.....

7.2AI Score

2024-05-30 11:44 AM
1
thn
thn

U.S. Dismantles World's Largest 911 S5 Botnet with 19 Million Infected Devices

The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses. The botnet, which has a global...

7.5AI Score

2024-05-30 08:55 AM
1
redhatcve
redhatcve

CVE-2024-36016

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - side A switches to...

7.5AI Score

0.0004EPSS

2024-05-30 07:33 AM
5
nvd
nvd

CVE-2024-5207

The POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications plugin for WordPress is vulnerable to time-based SQL Injection via the selected parameter in all versions up to, and including, 2.9.3 due to insufficient escaping on the user supplied...

7.2CVSS

7.2AI Score

0.001EPSS

2024-05-30 06:15 AM
cve
cve

CVE-2024-5207

The POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications plugin for WordPress is vulnerable to time-based SQL Injection via the selected parameter in all versions up to, and including, 2.9.3 due to insufficient escaping on the user supplied...

7.2CVSS

7.1AI Score

0.001EPSS

2024-05-30 06:15 AM
28
cvelist
cvelist

CVE-2024-5207 POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.9.3 - Authenticated (Administrator+) SQL Injection

The POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications plugin for WordPress is vulnerable to time-based SQL Injection via the selected parameter in all versions up to, and including, 2.9.3 due to insufficient escaping on the user supplied...

7.2CVSS

7.2AI Score

0.001EPSS

2024-05-30 05:33 AM
1
vulnrichment
vulnrichment

CVE-2024-5207 POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.9.3 - Authenticated (Administrator+) SQL Injection

The POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications plugin for WordPress is vulnerable to time-based SQL Injection via the selected parameter in all versions up to, and including, 2.9.3 due to insufficient escaping on the user supplied...

7.2CVSS

7.3AI Score

0.001EPSS

2024-05-30 05:33 AM
nvd
nvd

CVE-2024-5514

MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without...

9.8CVSS

9.7AI Score

0.001EPSS

2024-05-30 03:15 AM
2
cve
cve

CVE-2024-5514

MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without...

9.8CVSS

7.1AI Score

0.001EPSS

2024-05-30 03:15 AM
28
vulnrichment
vulnrichment

CVE-2024-5514 MinMax CMS - Hidden Functionality

MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without...

9.8CVSS

7.2AI Score

0.001EPSS

2024-05-30 02:14 AM
2
cvelist
cvelist

CVE-2024-5514 MinMax CMS - Hidden Functionality

MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the backend system without...

9.8CVSS

9.7AI Score

0.001EPSS

2024-05-30 02:14 AM
2
osv
osv

Symfony2 security issue when the trust proxy mode is enabled

An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp() method for sensitive decisions like IP based access control. To fix this security issue, the following changes have been made to all versions of Symfony2: A new Request::setTrustedProxies()...

7.1AI Score

2024-05-30 12:34 AM
3
github
github

Symfony2 security issue when the trust proxy mode is enabled

An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp() method for sensitive decisions like IP based access control. To fix this security issue, the following changes have been made to all versions of Symfony2: A new Request::setTrustedProxies()...

7.1AI Score

2024-05-30 12:34 AM
2
openvas
openvas

Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1766)

The remote host is missing an update for the Huawei...

7.3CVSS

6.7AI Score

0.001EPSS

2024-05-30 12:00 AM
2
openvas
openvas

Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1743)

The remote host is missing an update for the Huawei...

7.3CVSS

6.7AI Score

0.001EPSS

2024-05-30 12:00 AM
3
wpvulndb
wpvulndb

Advanced Custom Fields < 6.3 - Contributor+ Custom Field Access

Description The plugin allows you to display custom field values for any post via shortcode without checking for the correct access PoC 1. ADMIN: Install Advanced Custom Fields (or ACF Pro) 2. ADMIN: Create a new field group for posts and add a field to that 3. ADMIN: Fill in content for posts...

9.3AI Score

0.0004EPSS

2024-05-30 12:00 AM
3
ubuntucve
ubuntucve

CVE-2024-36928

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...

7AI Score

0.0004EPSS

2024-05-30 12:00 AM
2
packetstorm

7.4AI Score

2024-05-30 12:00 AM
38
nessus
nessus

Cisco IOS XE Software Internet Key Exchange Version 1 Fragmentation DoS (cisco-sa-ikev1-NO2ccFWz)

According to its self-reported version, Cisco IOS-XE Software is affected by multiple vulnerabilities. A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an...

8.6CVSS

7.4AI Score

0.0004EPSS

2024-05-30 12:00 AM
2
openvas
openvas

Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1717)

The remote host is missing an update for the Huawei...

7.3CVSS

6.7AI Score

0.001EPSS

2024-05-30 12:00 AM
3
nessus
nessus

EulerOS 2.0 SP12 : libuv (EulerOS-SA-2024-1743)

According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...

7.3CVSS

6.5AI Score

0.001EPSS

2024-05-30 12:00 AM
1
nessus
nessus

Cisco IOS Software Internet Key Exchange Version 1 Fragmentation DoS (cisco-sa-ikev1-NO2ccFWz)

According to its self-reported version, Cisco IOS is affected by multiple vulnerabilities. A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected...

8.6CVSS

7.5AI Score

0.0004EPSS

2024-05-30 12:00 AM
2
openvas
openvas

Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1728)

The remote host is missing an update for the Huawei...

7.3CVSS

6.7AI Score

0.001EPSS

2024-05-30 12:00 AM
zeroscience
zeroscience

Aquatronica Control System 5.1.6 Passwords Leak Vulnerability

Title: Aquatronica Control System 5.1.6 Passwords Leak Vulnerability Advisory ID: ZSL-2024-5824 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS, Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data Risk: (5/5) Release Date:...

7.5AI Score

2024-05-30 12:00 AM
46
nessus
nessus

EulerOS 2.0 SP12 : libuv (EulerOS-SA-2024-1766)

According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...

7.3CVSS

6.5AI Score

0.001EPSS

2024-05-30 12:00 AM
2
wpexploit
wpexploit

Advanced Custom Fields < 6.3 - Contributor+ Custom Field Access

Description The plugin allows you to display custom field values for any post via shortcode without checking for the correct...

9.5AI Score

0.0004EPSS

2024-05-30 12:00 AM
15
githubexploit
githubexploit

Exploit for CVE-2024-0039

CVE-2024-0039-Exploit Описание Python-скрипт для...

7.1AI Score

0.0004EPSS

2024-05-29 10:13 PM
63
krebs
krebs

Is Your Computer Part of ‘The Largest Botnet Ever?’

The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called "likely the world's largest botnet ever." The arrest coincided with the seizure of the 911 S5 website and...

7.4AI Score

2024-05-29 07:21 PM
6
cve
cve

CVE-2024-36016

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - side A switches to...

6.9AI Score

0.0004EPSS

2024-05-29 07:15 PM
49
debiancve
debiancve

CVE-2024-36016

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - side A switches to...

6.9AI Score

0.0004EPSS

2024-05-29 07:15 PM
9
nvd
nvd

CVE-2024-36016

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - side A switches to...

6.7AI Score

0.0004EPSS

2024-05-29 07:15 PM
cvelist
cvelist

CVE-2024-36016 tty: n_gsm: fix possible out-of-bounds in gsm0_receive()

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - side A switches to...

6.7AI Score

0.0004EPSS

2024-05-29 06:46 PM
5
vulnrichment
vulnrichment

CVE-2024-36016 tty: n_gsm: fix possible out-of-bounds in gsm0_receive()

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - side A switches to...

7.1AI Score

0.0004EPSS

2024-05-29 06:46 PM
qualysblog
qualysblog

2024 Cybersecurity Trends: What’s Observable Already?

2024 has already witnessed a staggering number of cyber incidents, with over 29.5 billion records breached across 4,645 publicly disclosed incidents in January alone, according to the IT Governance Security Spotlight. Moreover, CVEs are growing significantly year over year, with 13% growth from...

7.4AI Score

2024-05-29 03:41 PM
6
githubexploit
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Activemq

honeypot.rs Honeypot that scopes [CVE-2023-46604 (Apache...

7.3AI Score

2024-05-29 02:56 PM
61
kitploit
kitploit

LDAPWordlistHarvester - A Tool To Generate A Wordlist From The Information Present In LDAP, In Order To Crack Passwords Of Domain Accounts

A tool to generate a wordlist from the information present in LDAP, in order to crack non-random passwords of domain accounts. Features The bigger the domain is, the better the wordlist will be. [x] Creates a wordlist based on the following information found in the LDAP: [x] User: name and...

7.3AI Score

2024-05-29 12:30 PM
16
thn
thn

New Research Warns About Weak Offboarding Management and Insider Risks

A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. Employee offboarding is typically seen as a routine administrative task, but it can pose substantial...

6.9AI Score

2024-05-29 11:31 AM
5
thn
thn

Microsoft Uncovers 'Moonstone Sleet' — New North Korean Hacker Group

A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously...

7.4AI Score

2024-05-29 10:35 AM
4
veracode
veracode

Binding To An Unrestricted IP Address

dbt-core is vulnerable to Binding to an Unrestricted IP Address. The vulnerability is due to the binding of INADDR_ANY or IN6ADDR_ANY to any network interface on the local system (not just localhost), which exposes the application on all network interfaces. An attacker can gain unauthorized access....

5.3CVSS

6.7AI Score

0.0004EPSS

2024-05-29 06:54 AM
4
cve
cve

CVE-2024-3050

The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based...

6.6AI Score

0.0004EPSS

2024-05-29 06:18 AM
28
nvd
nvd

CVE-2024-3050

The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based...

9.4AI Score

0.0004EPSS

2024-05-29 06:18 AM
vulnrichment
vulnrichment

CVE-2024-3050 Site Reviews < 7.0.0 - IP Spoofing

The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based...

6.7AI Score

0.0004EPSS

2024-05-29 06:00 AM
cvelist
cvelist

CVE-2024-3050 Site Reviews < 7.0.0 - IP Spoofing

The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based...

9.4AI Score

0.0004EPSS

2024-05-29 06:00 AM
1
Total number of security vulnerabilities99959