As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
8AI Score
0.048EPSS
October 2023’s Cyber Security Awareness Month led to a flurry of blog posts about a new attack called Quishing (QR Code phishing) and how new AI powered email gateways can potentially block these attacks. What’s the attack? To understand the attack you need to understand the challenge that the...
7.2AI Score
Palo Alto Networks PAN-OS 10.2.x < 10.2.4 / 11.0.x < 11.0.1 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.4 or 11.0.x prior to 11.0.1. It is, therefore, affected by a vulnerability. An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a...
7.2AI Score
Oracle Linux 8 : openssh (ELSA-2024-12164)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12164 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
6.7AI Score
An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP...
6.3CVSS
7.3AI Score
0.0004EPSS
An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP...
6.3CVSS
7.1AI Score
0.0004EPSS
CVE-2024-0009 PAN-OS: Improper IP Address Verification in GlobalProtect Gateway
An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP...
7AI Score
0.0004EPSS
CVE-2021-44716 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-19. A patched version of the package is...
8.1AI Score
0.003EPSS
CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15. A patched version of the package is...
7.6AI Score
0.72EPSS
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. This issue may...
5.4CVSS
7AI Score
0.0004EPSS
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. This issue may...
5.4CVSS
6.8AI Score
0.0004EPSS
Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management
Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF15 patch Vulnerability Details CVEID: CVE-2022-44729 DESCRIPTION: Apache Batik is vulnerable to server-side request forgery, caused by improper input validation. By persuading a victim to open.....
9.8AI Score
0.973EPSS
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. This issue may...
6.6AI Score
0.0004EPSS
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially...
5.4CVSS
7AI Score
0.0004EPSS
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially...
5.4CVSS
6.8AI Score
0.0004EPSS
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially...
6.6AI Score
0.0004EPSS
Oracle Linux 7 : openssh (ELSA-2024-12157)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12157 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...
7AI Score
RansomHouse am See By Pham Duy Phuc, Max Kersten in collaboration with Noël Keijzer and Michaël Schrijver from Northwave · February 14, 2024 Ransom gangs make big bucks by extorting victims, which sadly isn’t new. Their lucrative business allows them not only to live off the stolen money, but also....
8AI Score
Oracle Linux 7 : openssh (ELSA-2024-12158)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12158 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...
7AI Score
Unbreakable Enterprise kernel security update
[5.15.0-203.146.5.1] - Revert 'selftests/bpf: Test tail call counting with bpf2bpf and data on stack' (Samasth Norway Ananda) [Orabug: 36277693] - Revert 'tcp: fix excessive TLP and RACK timeouts from HZ rounding' (Sherry Yang) [Orabug: 36277684] [5.15.0-203.146.5] - i2c: core: Fix atomic xfer...
7.4AI Score
0.001EPSS
QNAP QTS / QuTS hero Vulnerability in OpenSSH (QSA-24-06)
The version of QNAP QTS / QuTS hero installed on the remote host is affected by a vulnerability as referenced in the QSA-24-06 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...
6.8AI Score
2023’s Critical WordPress Vulnerabilities and How They Work
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! In 2023, the Wordfence Threat Intelligence team's primary...
9.9CVSS
9.4AI Score
0.238EPSS
Rocky Linux 8 : libssh (RLSA-2024:0628)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0628 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...
6.2AI Score
Rocky Linux 8 : openssh (RLSA-2024:0606)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0606 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
6.8AI Score
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.328.3.el7] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (Mark Zhang) [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. (Gregory Herrero) [Orabug: 36154654] - sched/fair: Fix tg->load when offlining a CPU (Vincent Guittot) [Orabug: 36185207] - i2c:....
9.6AI Score
0.001EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2136.328.3] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (Mark Zhang) [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. (Gregory Herrero) [Orabug: 36154654] - sched/fair: Fix tg->load when offlining a CPU (Vincent Guittot) [Orabug: 36185207] - i2c:...
9.5AI Score
0.001EPSS
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.328.3.el8] - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (Mark Zhang) [Orabug: 36143228] - KSPLICE: make sure the stack is zeroed. (Gregory Herrero) [Orabug: 36154654] - sched/fair: Fix tg->load when offlining a CPU (Vincent Guittot) [Orabug: 36185207] - i2c:....
9.6AI Score
0.001EPSS
Ransomware in 2023 recap: 5 key takeaways
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, “known attacks” are those where the victim did not pay a ransom. This provides the best overall picture of...
7.3AI Score
Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active Exploitation
Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. "A out-of-bounds write vulnerability [CWE-787] in FortiOS may...
9.8CVSS
10AI Score
0.432EPSS
Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system. "An XML external...
9.1CVSS
8.8AI Score
0.973EPSS
3scale's gateway usage of JWT does not properly handle verification of algorithm claims in the token header. An attacker could use this flaw to create a signed token with improper claims and thus to bypass security restrictions for the...
6.5AI Score
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1178)
The remote host is missing an update for the Huawei...
6.7AI Score
0.962EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2024:0430-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0430-1 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other ...
7.6AI Score
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1198)
The remote host is missing an update for the Huawei...
6.7AI Score
0.962EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1183)
The remote host is missing an update for the Huawei...
6.7AI Score
0.962EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1203)
The remote host is missing an update for the Huawei...
6.7AI Score
0.962EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1177)
The remote host is missing an update for the Huawei...
6.6AI Score
0.962EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1197)
The remote host is missing an update for the Huawei...
6.6AI Score
0.962EPSS
New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization
By Jungsoo An, Wayne Lee and Vanja Svajcer. Cisco Talos discovered a new, stealthy espionage campaign that has likely persisted since at least March 2021. The observed activity affects an Islamic non-profit organization using backdoors for a previously unreported malware family we have named...
8.2AI Score
EulerOS 2.0 SP9 : libssh (EulerOS-SA-2024-1197)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7AI Score
EulerOS 2.0 SP9 : libssh2 (EulerOS-SA-2024-1178)
According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
6.9AI Score
EulerOS 2.0 SP9 : libssh2 (EulerOS-SA-2024-1198)
According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
6.9AI Score
EulerOS 2.0 SP9 : libssh (EulerOS-SA-2024-1177)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7AI Score
EulerOS 2.0 SP9 : openssh (EulerOS-SA-2024-1183)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.6AI Score
EulerOS 2.0 SP9 : openssh (EulerOS-SA-2024-1203)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.6AI Score
Security Bulletin: IBM DataPower Gateway vulnerable to unauthorized access in Redis
Summary Redis is used in gateway peering, B2B and rate-limiting. IBM has updated Redis to address the vulnerability. Vulnerability Details CVEID: CVE-2023-45145 DESCRIPTION: Redis could allow a local authenticated attacker to bypass security restrictions, caused by a race condition when a...
6.4AI Score
0.0004EPSS
Summary Vulnerabilities contained within Open VPN (a 3rd party component) and Open SSL were addressed in the IBM MaaS360 Cloud Extender Agent and VPN Modules. Vulnerabilities contained within Eclipse Jetty and Netty (a 3rd party component) were addressed in the IBM MaaS360 Mobile Enterprise...
9.7AI Score
0.72EPSS
Four Key Benefits of Rapid7’s New Managed Digital Risk Protection Service
Cybercrime has boomed to the third largest economy in the world behind the US and China (Cybernews), with much of the most nefarious behavior on the dark web. Monitoring it effectively can be the key to identifying the earliest signals of an attack – and the difference between a minor event and.....
7AI Score
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bouncycastle, jsch (SUSE-SU-2024:0327-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0327-1 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other ...
6.5AI Score
TP-Link ER7206 Omada Gigabit VPN Router uhttpd GRE command injection vulnerability
Talos Vulnerability Report TALOS-2023-1855 TP-Link ER7206 Omada Gigabit VPN Router uhttpd GRE command injection vulnerability February 6, 2024 CVE Number CVE-2023-47167 SUMMARY A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada...
8.7AI Score
0.001EPSS