Hello fellow readers! Have you ever wondered how the GitHub Security Lab performs security research? In this post, you'll learn how we leverage GitHub products and features such as code scanning, CodeQL, Codespaces, and private vulnerability reporting. By the time we conclude, you'll have mastered....
AI Score 6.9
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: ...
CVSS 6.3 | AI Score 6.1 | EPSS 0.0004
CVE-2024-28782 IBM QRadar Suite Software information disclosure
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: ...
CVSS 6.3 | AI Score 6.1 | EPSS 0.0004
Fedora: Security Advisory for seamonkey (FEDORA-2024-ad50671f6c)
The remote host is missing an update for...
AI Score 7.5
Fedora: Security Advisory for seamonkey (FEDORA-2024-31b196eaf1)
The remote host is missing an update for...
AI Score 7.5
Fedora: Security Advisory for seamonkey (FEDORA-2024-8890015ff3)
The remote host is missing an update for...
AI Score 7.5
Summary IBM Maximo Application Suite uses ion-java-1.2.0.jar which is vulnerable to CVE-2024-21634. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID: CVE-2024-21634 DESCRIPTION: Amazon Ion is vulnerable to a denial of service, caused.....
CVSS 7.5 | AI Score 7.3 | EPSS 0.0005
Key Insights from the NCSC’s Vulnerability Management Guidance
In a world increasingly surrounded by cyber threats, the UK's National Cyber Security Centre (NCSC) offers vital guidance on Vulnerability Management, providing clear and actionable advice for tackling cyber threats. Their recommendations are essential for organizations to understand and mitigate.....
AI Score 7.9
Adversaries are leveraging remote access tools now more than ever — here’s how to stop them
Remote system management/desktop access tools such as AnyDesk and TeamViewer have grown in popularity since 2020. While there are many legitimate uses for this software, adversaries are also finding ways to use them for command and control in their campaigns. There is no easy way to effectively...
AI Score 7.3
Compromising Bank Customer Trust: The Price of Inadequate Data Protection
Banks hold not just money, but also emotions and aspirations. Countless stories unfold within bank walls, reflecting the intimate connection between money and emotion. Beyond the numbers and transactions, every dollar represents individuals’ hopes, dreams, and livelihoods. As the trusted custodian....
AI Score 7.5
Security Bulletin: IBM QRadar Suite software is vulnerable to information exposure
Summary IBM QRadar Suite Software stores user credentials in plain clear text which can be read by an authenticated user. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the...
CVSS 6.3 | AI Score 6.7 | EPSS 0.0004
CVSS 7.2 | AI Score 7.1 | EPSS 0.001
K000139152 : Linux kernel vulnerability CVE-2023-2006
Security Advisory Description A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute...
CVSS 7 | AI Score 7.6 | EPSS 0.0005
CVSS 7.2 | AI Score 7 | EPSS 0.001
Yonghong Z-Suite is a one-stop big data analytics platform. Yonghong Z-Suite has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive...
AI Score 7
CVSS 6.1 | AI Score 7.2 | EPSS 0.0005
CVSS 6.1 | AI Score 7.1 | EPSS 0.0005
Detecting Windows-based Malware Through Better Visibility
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national...
AI Score 7
Summary IBM Maximo Application Suite and IBM Truststore Manager uses Jinja2-3.1.2-py3-none-any.whl and Jinja2-3.0.3-py3-none-any.whl which is vulnerable to CVE-2024-22195. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:...
CVSS 6.1 | AI Score 5.9 | EPSS 0.001
Summary IBM Maximo Application Suite uses postgresql-42.3.8.jar which is vulnerable to CVE-2024-1597. This bulletin contains information regarding the vulnerability. Vulnerability Details CVEID: CVE-2024-1597 DESCRIPTION: PostgreSQL JDBC Driver (PgJDBC) is vulnerable to SQL injection. A...
CVSS 10 | AI Score 7.3 | EPSS 0.001
Summary IBM Maximo Application Suite uses firestore-4.15.1.tgz which is vulnerable to CVE-2023-6460. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID: CVE-2023-6460 DESCRIPTION: Google APIs nodejs-firestore could allow a local...
CVSS 5.5 | AI Score 5.8 | EPSS 0.0004
Summary IBM Maximo Application Suite uses cryptography-41.0.4-cp37-abi3-manylinux_2_28_x86_64.whl and cryptography-41.0.7-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-26130. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details....
CVSS 7.5 | AI Score 6.6 | EPSS 0.0004
Summary IBM Maximo Application Suite uses cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-49083. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID: CVE-2023-4807 DESCRIPTION: OpenSSL is...
CVSS 7.8 | AI Score 9.9 | EPSS 0.003
Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. "Vultur has also started masquerading more of its...
AI Score 7.7
[SECURITY] Fedora 38 Update: seamonkey-2.53.18.2-1.fc38
SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....
AI Score 7.1
[SECURITY] Fedora 39 Update: seamonkey-2.53.18.2-1.fc39
SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....
AI Score 7.1
[SECURITY] Fedora 40 Update: seamonkey-2.53.18.2-1.fc40
SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....
AI Score 7.1
K000139140 : util-linux vulnerability CVE-2024-28085
Security Advisory Description wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not...
AI Score 7 | EPSS 0.0005
K000139141 : liblzma vulnerability CVE-2024-3094
Security Advisory Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to....
CVSS 10 | AI Score 9.3 | EPSS 0.133
Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as...
CVSS 10 | AI Score 9.5 | EPSS 0.133
Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...
CVSS 7.6 | AI Score 7.5 | EPSS 0.0004
Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...
CVSS 7.6 | AI Score 7.6 | EPSS 0.0004
Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...
CVSS 7.6 | AI Score 6.9 | EPSS 0.0004
CVE-2024-30246 Tuleap deleting or moving an artifact can delete values from unrelated artifacts
Tuleap is an Open Source Suite to improve management of software developments and collaboration. A malicious user could exploit this issue on purpose to delete information on the instance or possibly gain access to restricted artifacts. It is however not possible to control exactly which...
CVSS 7.6 | AI Score 7.8 | EPSS 0.0004
CVSS 7.8 | AI Score 7.1 | EPSS 0.0004
K000139092 : DNS vulnerability CVE-2023-50387
Security Advisory Description Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a...
CVSS 7.5 | AI Score 7.7 | EPSS 0.05
Summary Multiple Security Vulnerabilities in the IBM WebSphere Application Server product as shipped with the IBM Directory Server and IBM Directory Suite products have been fixed. Vulnerability Details CVEID: CVE-2022-22473 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and...
CVSS 7.5 | AI Score 7 | EPSS 0.001
nac-town.co.jp Cross Site Scripting vulnerability OBB-3889152
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score 6.2
CVSS 7.8 | AI Score 7.2 | EPSS 0.0004
CVSS 7.8 | AI Score 7.4 | EPSS 0.0004
K000139084 : DNS vulnerability CVE-2023-50868
Security Advisory Description The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3"...
AI Score 7.6 | EPSS 0.0005
Important: libreoffice security fix update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
CVSS 8.8 | AI Score 7.3 | EPSS 0.001
libreoffice security fix update
An update is available for libreoffice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...
CVSS 8.8 | AI Score 7.5 | EPSS 0.001
REST service authentication anomaly with “valid username/no password” credential combination for batch job processing resulting in successful service invocation. The anomaly doesn’t exist with other credential...
CVSS 5.3 | AI Score 7.1 | EPSS 0.0004
Kirby CMS Cross-Site Scripting Vulnerability
Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A heap buffer overflow vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to...
CVSS 7.8 | AI Score 7.4 | EPSS 0.0004
Rockwell Automation Arena Simulation Software Arbitrary Code Execution Vulnerability
Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. An arbitrary code execution vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to....
CVSS 7.8 | AI Score 7.9 | EPSS 0.0004
AI Score 7.4
OpenNMS Horizon 31.0.7 Remote Command Execution Exploit
This Metasploit module exploits built-in functionality in OpenNMS Horizon in order to execute arbitrary commands as the opennms user. For versions 32.0.2 and higher, this module requires valid credentials for a user with ROLE_FILESYSTEM_EDITOR privileges and either ROLE_ADMIN or ROLE_REST. For...
CVSS 8.2 | AI Score 8.3 | EPSS 0.0004
K000139064 : Apache vulnerabilities CVE-2009-2299, CVE-2012-3526, CVE-2012-4001, and CVE-2012-4360
Security Advisory Description CVE-2009-2299 The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via...
AI Score 6.6 | EPSS 0.038