Countdown, Coming Soon, Maintenance – Countdown & Clock Security Vulnerabilities

RHEL 7 / 8 : Satellite 6.11.4 Async Security Update (Important) (RHSA-2022:7242)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7242 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the...

RHEL 7 / 8 : Satellite 6.11 Release (Moderate) (RHSA-2022:5498)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5498 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and ...

CVE-2022-48647

In the Linux kernel, the following vulnerability has been resolved: sfc: fix TX channel offset when using legacy interrupts In legacy interrupt mode the tx_channel_offset was hardcoded to 1, but that's not correct if efx_sepparate_tx_channels is false. In that case, the offset is 0 because the tx.....

CVE-2024-3309

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget's attributes in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-3309

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget's attributes in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-3309

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget's attributes in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

RHEL 7 : opendaylight (RHSA-2018:2598)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:2598 advisory. OpenDaylight (ODL) is a modular open platform for customizing and automating networks of any size and scale. The OpenDaylight Project arose out of...

CVE-2024-33638

Cross-Site Request Forgery (CSRF) vulnerability in Brijesh Kothari Smart Maintenance Mode.This issue affects Smart Maintenance Mode: from n/a through...

CVE-2024-33638

Cross-Site Request Forgery (CSRF) vulnerability in Brijesh Kothari Smart Maintenance Mode.This issue affects Smart Maintenance Mode: from n/a through...

CVE-2024-33638 WordPress Smart Maintenance Mode plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Brijesh Kothari Smart Maintenance Mode.This issue affects Smart Maintenance Mode: from n/a through...

Getwid – Gutenberg Blocks < 2.0.8 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'Countdown'

Description The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown block in all versions up to, and including, 2.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

The private sector probably isn’t coming to save the NVD

I wrote last week about the problems arising from the massive backlog of vulnerabilities at the U.S. National Vulnerability Database. Thousands of CVEs are still without analysis data, and the once-reliable database of every single vulnerability that's disclosed and/or patched is now so far...

CVE-2024-25624

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in iris-web is prone to a Server Side Template Injection (SSTI). Successful exploitation of the vulnerability.....

CVE-2024-25624

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in iris-web is prone to a Server Side Template Injection (SSTI). Successful exploitation of the vulnerability.....

CVE-2024-25624 iris-web vulnerable to Server Side Template Injection in reports

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in iris-web is prone to a Server Side Template Injection (SSTI). Successful exploitation of the vulnerability.....

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 209 vulnerabilities disclosed in 169...

The Rise of Large-Language-Model Optimization

The web has become so interwoven with everyday life that it is easy to forget what an extraordinary accomplishment and treasure it is. In just a few decades, much of human knowledge has been collectively written up and made available to anyone with an internet connection. But all of this is coming....

CVE-2024-26923

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two...

CVE-2024-26923

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two...

CVE-2024-26923

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two...

The Plus Addons for Elementor < 5.5.0 - Contributor+ Stored Cross-Site Scripting via Countdown Widget

Description The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with.....

CVE-2024-26923

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two...

Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1944 Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability April 25, 2024 CVE Number CVE-2024-25569 SUMMARY An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A...

HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce < 2.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The HurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.9.2 due to insufficient input sanitization and output escaping on user supplied attributes....

CVE-2024-26923 af_unix: Fix garbage collector racing against connect()

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two...

CVE-2024-26923 af_unix: Fix garbage collector racing against connect()

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two...

Securing millions of developers through 2FA

Though technology has advanced significantly to combat the proliferation of sophisticated security threats, the reality is that preventing the next cyberattack depends on getting the security basics right, and efforts to secure the software ecosystem must protect the developers who design, build,.....

Security Bulletin: Multiple Vulnerabilities in IBM® SDK, Java™ Technology Java affect IBM Cloud Pak System

Summary Vulnerabilities in IBM Java SDK affect IBM Cloud Pak System. Vulnerability Details ** CVEID: CVE-2023-21930 DESCRIPTION: **An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high...

Staying Five Steps Ahead of Cyber Risk

Organizations are continuously seeking effective strategies to protect their digital environments. With over 26,000 vulnerabilities discovered last year, Qualys Vulnerability Management, Detection, and Response (VMDR) offers a comprehensive solution designed to meet the needs of both security and.....

TikTok comes one step closer to a US ban

The US Senate has approved a bill that would effectively ban TikTok from the US unless Chinese owner ByteDance gives up its share of the immensely popular app. Social video platform TikTok has experienced explosive growth since it first appeared in 2017, and is now said to have well over 1.5...

Assessing the Y, and How, of the XZ Utils incident

High-end APT groups perform highly interesting social engineering campaigns in order to penetrate well-protected targets. For example, carefully constructed forum responses on precision targeted accounts and follow-up "out-of-band" interactions regarding underground rail system simulator software.....

This Week in Spring - Tuesday, April 23rd, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! We've had a really busy, wonderful week, as always, so let's dive right into it! We want you! ...to submit a talk to SpringOne 2024, in sunny Las Vegas! Hurry, the CFP closes May 3rd! Spring Shell 3.1.11, 3.2.4, and 3.3.0-m1...

Stable Channel Update for Desktop

The Stable channel has been updated to 124.0.6367.78/.79 for Windows and Mac and 124.0.6367.78 to Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Extended Stable channel has been updated to 124.0.6367.78/.79 for Windows and...

Security Bulletin: Multiple vulnerabilities found in Batik Jars which are shipped with IBM® Intelligent Operations Center(CVE-2022-44730, CVE-2022-44729)

Summary Multiple vulnerabilities have been identified in Batik jars which are shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details ** CVEID:....

Security Bulletin: Multiple vulnerabilities found in IBM Java which is shipped with IBM® Intelligent Operations Center(CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850)

Summary Multiple vulnerabilities have been identified in IBM Java which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details ** CVEID:...

$493 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in WP Datepicker WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On April 14th, 2024, during our Bug Extravaganza, we received a.....

Debian dla-3792 : ctdb - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3792 advisory. A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and...

java-21-openjdk security update

[1:21.0.3.0.9-1.0.1] - Add Oracle vendor bug URL [Orabug: 34340155] [1:21.0.3.0.9-1] - Update to jdk-21.0.3+9 (GA) - Update release notes to 21.0.3+9 - Switch to GA mode. - Sync the copy of the portable specfile with the latest update - ** This tarball is embargoed until 2024-04-16 @ 1pm PT. ** -.....

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites......

Moby (Docker Engine) started with non-empty inheritable Linux process capabilities

Impact A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during.....

Moby (Docker Engine) started with non-empty inheritable Linux process capabilities

Impact A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during.....

@hoppscotch/cli affected by Sandbox Escape in @hoppscotch/js-sandbox leads to RCE

Observations The Hoppscotch desktop app takes multiple precautions to be secure against arbitrary JavaScript and system command execution. It does not render user-controlled HTML or Markdown, uses Tauri instead of Electron, and sandboxes pre-request scripts with a simple yet secure implementation.....

@hoppscotch/cli affected by Sandbox Escape in @hoppscotch/js-sandbox leads to RCE

Observations The Hoppscotch desktop app takes multiple precautions to be secure against arbitrary JavaScript and system command execution. It does not render user-controlled HTML or Markdown, uses Tauri instead of Electron, and sandboxes pre-request scripts with a simple yet secure implementation.....

LibreNMS vulnerable to SQL injection time-based leads to database extraction

Summary SQL injection vulnerability in POST /search/search=packages in LibreNMS 24.3.0 allows a user with global read privileges to execute SQL commands via the package parameter. Details There is a lack of hygiene of data coming from the user in line 83 of the file...

LibreNMS vulnerable to SQL injection time-based leads to database extraction

Summary SQL injection vulnerability in POST /search/search=packages in LibreNMS 24.3.0 allows a user with global read privileges to execute SQL commands via the package parameter. Details There is a lack of hygiene of data coming from the user in line 83 of the file...

Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation

Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half. And this, in a world where enterprises deploy an average of 53 different security solutions to safeguard their digital domain. Alarming?...

Security Bulletin: Multiple vulnerabilities found in IBM Java which is shipped with IBM® Intelligent Operations Center(CVE-2023-22045, CVE-2023-22049)

Summary Multiple vulnerabilities have been identified in IBM Java which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details ** CVEID:...

Security Bulletin: Multiple vulnerabilities found in IBM Java which is shipped with IBM® Intelligent Operations Center(CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary Multiple vulnerabilities have been identified in IBM Java which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details ** CVEID:...

Security Bulletin: Multiple vulnerabilities found in IBM Java which is shipped with IBM® Intelligent Operations Center(CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary Multiple vulnerabilities have been identified in IBM Java which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details ** CVEID:...

Security Bulletin: Multiple vulnerabilities found in IBM Java which is shipped with IBM® Intelligent Operations Center(CVE-2023-22081, CVE-2023-5676)

Summary Multiple vulnerabilities have been identified in IBM Java which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details ** CVEID:...