How are attackers trying to bypass MFA?
In the latest Cisco Talos Incident Response Quarterly Trends report, instances related to multi-factor authentication (MFA) were involved in nearly half of all security incidents that our team responded to in the first quarter of 2024. In 25% of engagements, the underlying cause was users...
8.1AI Score
Analysis of user password strength
The processing power of computers keeps growing, helping users to solve increasingly complex problems faster. A side effect is that passwords that were impossible to guess just a few years ago can be cracked by hackers within mere seconds in 2024. For example, the RTX 4090 GPU is capable of...
6.9AI Score
XWiki < 4.10.20 - Remote code execution
XWiki is vulnerable to a remote code execution (RCE) attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the "first name" or "last name" fields during user registration. This impacts all installations that have...
10CVSS
8.2AI Score
0.738EPSS
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their...
5.7CVSS
5.4AI Score
0.0004EPSS
CrateDB Database - Arbitrary File Read
CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY.....
6.5CVSS
7AI Score
0.052EPSS
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana...
6.1CVSS
6.2AI Score
0.001EPSS
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana...
6.1CVSS
6.2AI Score
0.001EPSS
Moderate: container-tools:rhel8 bug fix and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): podman: jose-go: improper handling of highly compressed data (CVE-2024-28180) buildah: jose-go: improper handling of highly compressed data (CVE-2024-28180) podman:...
4.9CVSS
4.8AI Score
0.0005EPSS
In the Linux kernel, the following vulnerability has been resolved: Revert "media: v4l2-ctrls: show all owned controls in log_status" This reverts commit 9801b5b28c6929139d6fceeee8d739cc67bb2739. This patch introduced a potential deadlock scenario: [Wed May 8 10:02:06 2024] Possible unsafe...
7AI Score
0.0004EPSS
Oracle Linux 8 : flatpak (ELSA-2024-3961)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3961 advisory. - Update to 1.12.9 (CVE-2024-32462) Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has.....
8.4CVSS
8.3AI Score
0.0004EPSS
[2.17-326.0.6.3] - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: April-28-2023 Cupertino Miranda - 2.17-326.0.6 - OraBug 35338741 Glibc tunable to disable huge pages on pthread_create stacks Reviewed-by: Jose E. Marchesi February-22-2023...
7.7AI Score
0.0005EPSS
This Week in Spring - June 18th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! I've just come from Paris, France, and now I'm in equally beautiful Krakow, Poland, for the amazing Devoxx PL event. We've got a ton of good stuff to dive into, so let's get going! In last week's installment of Spring Tips, I.....
7.3AI Score
RHEL 8 : flatpak (RHSA-2024:3969)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3969 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via...
8.4CVSS
8.6AI Score
0.0004EPSS
RHEL 8 : container-tools:rhel8 update (Moderate) (RHSA-2024:3968)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3968 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): *...
4.9CVSS
5.3AI Score
0.0005EPSS
RHEL 8 : firefox (RHSA-2024:3972)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3972 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...
8AI Score
0.0004EPSS
7.1AI Score
0.078EPSS
container-tools:ol8 bug fix and enhancement update
aardvark-dns [2:1.10.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 [2:1.9.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 [2:1.8.0-1] - update to...
4.9CVSS
7.3AI Score
0.0005EPSS
RHEL 8 : flatpak (RHSA-2024:3979)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3979 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via...
8.4CVSS
8.6AI Score
0.0004EPSS
Moderate: container-tools:rhel8 bug fix and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): podman: jose-go: improper handling of highly compressed data (CVE-2024-28180) buildah: jose-go: improper handling of highly compressed data (CVE-2024-28180) podman:...
4.9CVSS
6.9AI Score
0.0005EPSS
Oracle Linux 8 : glibc (ELSA-2024-12440)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12440 advisory. - CVE-2024-33599: nscd: buffer overflow in netgroup cache (RHEL-34264) - CVE-2024-33600: nscd: null pointer dereferences in netgroup cache (RHEL-34267)....
4.8AI Score
0.0005EPSS
Oracle Linux 8 : firefox (ELSA-2024-3954)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3954 advisory. [115.12.0-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file [115.12.0-1] - Update to 115.12.0 build1 Tenable has...
7.4AI Score
0.0004EPSS
Oracle Linux 7 : glibc (ELSA-2024-12442)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12442 advisory. - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi <[email protected]> Oracle history: April-28-2023...
9.8CVSS
10AI Score
0.009EPSS
9.8CVSS
7AI Score
0.967EPSS
Malvertising Campaign Leads to Execution of Oyster Backdoor
The following analysts contributed to this blog: Thomas Elkins, Daniel Thiede, Josh Lockwood, Tyler McGraw, and Sasha Kovalev. Executive Summary Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and.....
7.3AI Score
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such...
6.8AI Score
0.0004EPSS
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...
6.8AI Score
0.0004EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that.....
9.8CVSS
9.6AI Score
0.001EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the application....
8.1CVSS
6.9AI Score
0.001EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both...
8.2CVSS
6.8AI Score
0.001EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser...
4.8CVSS
5.3AI Score
0.0004EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to gain unauthorized access or perform actions with the privileges of...
5.3CVSS
7AI Score
0.0005EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of...
5.3CVSS
6.8AI Score
0.0005EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but admin privileges...
9.1CVSS
7.5AI Score
0.001EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but admin privileges...
7.2CVSS
7.5AI Score
0.001EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. A high-privilege attacker could exploit this vulnerability by uploading a malicious file to the...
7.2CVSS
7.3AI Score
0.001EPSS
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted request to the server, which could then cause.....
6.5CVSS
7.9AI Score
0.0005EPSS
A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex...
4.3CVSS
4.5AI Score
0.0004EPSS
It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body restricts search for a given index using the query or the field_security parameter,...
6.5CVSS
6.9AI Score
0.0004EPSS
A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex...
4.3CVSS
4.5AI Score
0.0004EPSS
A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...
4.9CVSS
5AI Score
0.0004EPSS
CVE-2024-3236 Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS
The Popup Builder WordPress plugin before 1.1.33 does not sanitise and escape some of its Notification fields, which could allow users such as contributor and above to perform Stored Cross-Site Scripting...
0.0004EPSS
CVE-2024-3236 Easy Notify Lite < 1.1.33 - Contributor+ Stored XSS
The Popup Builder WordPress plugin before 1.1.33 does not sanitise and escape some of its Notification fields, which could allow users such as contributor and above to perform Stored Cross-Site Scripting...
5.8AI Score
0.0004EPSS
RHEL 8 : firefox (RHSA-2024:3952)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3952 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...
8AI Score
0.0004EPSS
Important: flatpak security update
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and...
8.4CVSS
8.6AI Score
0.0004EPSS
RHEL 8 : flatpak (RHSA-2024:3961)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3961 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via...
8.4CVSS
8.6AI Score
0.0004EPSS
[1.12.9-1] - Update to 1.12.9 (CVE-2024-32462) [1.12.8-1] - Rebase to 1.12.8 (RHEL-4220) [1.10.8-3] - Let flatpak own %{_sysconfdir}/flatpak...
8.4CVSS
8.6AI Score
0.0004EPSS
RHEL 8 : firefox (RHSA-2024:3953)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3953 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...
8.2AI Score
0.0004EPSS
[115.12.0-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file [115.12.0-1] - Update to 115.12.0...
7AI Score
0.0004EPSS
RHEL 8 : flatpak (RHSA-2024:3962)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3962 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via...
8.4CVSS
7.4AI Score
0.0004EPSS
RHEL 8 : firefox (RHSA-2024:3950)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3950 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...
7.7AI Score
0.0004EPSS