XZ backdoor story – Initial analysis
On March 29, 2024, a single message on the Openwall OSS-security mailing list marked an important discovery for the information security, open source and Linux communities: the discovery of a malicious backdoor in XZ. XZ is a compression utility integrated into many popular distributions of Linux.....
CVSS 10 | AI Score 9.3 | EPSS 0.133
Photo: David Adams, MV Dali and the Francis Scott Key Bridge collapse - 240326-A-SE916-6662 (a layer has been added showing a character and a speech bubble), CC0 1.0. TL;DR: Ships can be hacked. Was the MV Dali hacked? Practically impossible. Polarised views from uninformed commentators do not help...
AI Score 7.5
Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker
Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom...
AI Score 7.3
AlmaLinux 9 : bind (ALSA-2024:1789)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1789 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS...
CVSS 7.5 | AI Score 7.3 | EPSS 0.05
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....
CVSS 10 | AI Score 10 | EPSS 0.957
Oracle Linux 9 : bind (ELSA-2024-1789)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1789 advisory. A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect <domain>; is configured, and....
CVSS 7.5 | AI Score 7.9 | EPSS 0.05
Oracle Linux 8 : bind9.16 (ELSA-2024-1781)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1781 advisory. The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of...
CVSS 7.5 | AI Score 8.2 | EPSS 0.05
AlmaLinux 8 : bind9.16 (ALSA-2024:1781)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1781 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS...
CVSS 7.5 | AI Score 7.7 | EPSS 0.05
Mautic vulnerable to stored cross-site scripting in description field
Impact Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged-in user of Mautic with the appropriate permissions. This could lead to the user having elevated access to the system. Patches Update to...
AI Score 5.9
Why CISA is Warning CISOs About a Breach at Sisense
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense....
AI Score 7.5
Matrix IRC Bridge truncated content of messages can be leaked
Impact The matrix-appservice-irc before version 2.0.0 can be exploited to leak the truncated body of a message if a malicious user sends a Matrix reply to an event ID they don't have access to. As a precondition to the attack, the malicious user needs to know the event ID of the message they want.....
CVSS 4.3 | AI Score 6.6 | EPSS 0.0004
The internet is already scary enough without April Fool’s jokes
I feel like over the past several years, the "holiday" that is April Fool's Day has really died down. At this point, there are few headlines you can write that would be more ridiculous than something you'd find on a news site any day of the week. And there are so many more serious issues that are.....
AI Score 7.3
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 193 vulnerabilities disclosed in 154...
CVSS 9.9 | AI Score 9.8 | EPSS 0.082
TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer
A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. "This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple...
AI Score 7.2
Microsoft’s April 2024 Patch Tuesday includes two actively exploited zero-day vulnerabilities
The April 2024 Patch Tuesday update includes patches for 149 Microsoft vulnerabilities and republishes 6 non-Microsoft CVEs. Three of those 149 vulnerabilities are listed as critical, and one is listed as actively exploited by Microsoft. Another vulnerability is claimed to be a zero-day by...
CVSS 8.8 | AI Score 8.2 | EPSS 0.004
Subscribe To Comments Reloaded < 240119 - Unauthenticated Sensitive Information Exposure
Description The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 220725 via log files. This makes it possible for unauthenticated attackers to extract sensitive data from log...
CVSS 5.3 | AI Score 6.7 | EPSS 0.0004
WordPress Comments Import & Export < 2.3.6 - Cross-Site Request Forgery
Description The WordPress Comments Import & Export plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.5. This is due to missing or incorrect nonce validation on the do_export() function. This makes it possible for unauthenticated attackers to....
CVSS 4.3 | AI Score 6.1 | EPSS 0.0004
Xpdf is vulnerable to a Divide-by-Zero. The vulnerability is due to a bad color space object in the input PDF...
CVSS 5.5 | AI Score 6.5 | EPSS 0.0004
Context stateObject: represents the state of an account and is used to store its updates during a state transition. This is accomplished using two in memory Storage variables: originStorage and dirtyStorage StateDB: it is the general interface to retrieve accounts and holds a map of...
CVSS 9.1 | AI Score 7.2 | EPSS 0.0004
CVE-2021-47187 arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 were ..bad: first of all, for all of them the timings were written for CPU....
AI Score 6.7 | EPSS 0.0004
XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
Impact It is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's possible for an attacker to have access to the hash password of a user if they have rights to edit the users' page. ...
CVSS 6.8 | AI Score 6.5 | EPSS 0.0004
Insertion of Sensitive Information into Log File vulnerability in WPKube Subscribe To Comments Reloaded. This issue affects Subscribe To Comments Reloaded: from n/a through...
CVSS 5.3 | AI Score 5.3 | EPSS 0.0004
Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers
On April 9, Twitter/X began automatically modifying links that mention "twitter.com" to read "x.com" instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links -- such as fedetwitter[.]com,.....
AI Score 6.9
contao/comments-bundle is vulnerable to CSS Injection. The vulnerability is due to insufficient input validation and sanitization within the BBCode parsing mechanism in Comments.php, allowing attackers to inject CSS styles via...
CVSS 4.3 | AI Score 7 | EPSS 0.0004
Updated gstreamer1.0 packages fix vulnerability
Heap-based buffer overflow in the AV1 codec parser when handling certain malformed streams before GStreamer 1.22.9 It is possible for a malicious third party to trigger a crash in the application, and possibly also effect code execution through heap...
CVSS 7.5 | AI Score 8.4 | EPSS 0.0005
April’s Patch Tuesday Brings Record Number of Fixes
If only Patch Tuesdays came around infrequently -- like total solar eclipse rare -- instead of just creeping up on us each month like The Man in the Moon. Although to be fair, it would be tough for Microsoft to eclipse the number of vulnerabilities fixed in this month's patch batch -- a record 147....
CVSS 8.8 | AI Score 8 | EPSS 0.004
Contao: Insufficient BBCode sanitizer
Impact If BBCode is enabled for comments, users can inject CSS styles. Patches Update to Contao 4.13.40 or 5.3.4. Workarounds Disable BBCode for comments. References https://contao.org/en/security-advisories/insufficient-bbcode-sanitization For more information If you have any questions or...
CVSS 4.3 | AI Score 4.6 | EPSS 0.0004
Contao: Unencoded insert tags in the frontend
Impact It is possible to inject insert tags via the form generator if the submitted form data is output on the page in a specific way. Patches Update to Contao 4.13.40 or 5.3.4. Workarounds Do not output the submitted form data on the website. References...
CVSS 3.1 | AI Score 6.8 | EPSS 0.0004
Contao: Cross site scripting in the file manager
Impact Users can insert malicious code into file names when uploading files, which is then executed in tooltips and popups in the backend. Patches Update to Contao 4.13.40 or Contao 5.3.4. Workarounds Disable uploads for untrusted users. References...
CVSS 5.4 | AI Score 5.5 | EPSS 0.0004
Contao: Remember-me tokens will not be cleared after a password change
Impact When a front end member changes their password, the corresponding remember-me tokens are not removed. Patches Update to Contao 4.13.40. Workarounds Disable "Allow auto login" in the login module. References...
CVSS 5.9 | AI Score 6.9 | EPSS 0.0004
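The defect described in the Contao remember-me advisory is easy to reproduce in miniature. The following is an added example, not Contao's code (Contao is PHP; Python is used here only to show the pattern): an in-memory member store with a password-change routine that leaves persistent-login tokens alive, beside one that revokes them. The member name, passwords and the PBKDF2 parameters are constructed for the demo.

```python
"""Added example (not Contao's code): persistent-login ("remember me")
tokens must be revoked when the password changes.

All storage is an in-memory dict constructed for the demo; the member name
and passwords are made-up inputs.
"""
import hashlib
import hmac
import os
import secrets


def _hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 stands in for whatever the application uses for password storage.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def _token_digest(token: str) -> str:
    # Store only a digest so a database read does not yield usable tokens.
    return hashlib.sha256(token.encode()).hexdigest()


class MemberStore:
    def __init__(self):
        self._members = {}   # username -> {"salt", "pw", "remember": set()}

    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self._members[username] = {"salt": salt,
                                   "pw": _hash_password(password, salt),
                                   "remember": set()}

    def issue_remember_me(self, username: str) -> str:
        token = secrets.token_urlsafe(32)
        self._members[username]["remember"].add(_token_digest(token))
        return token   # goes into the browser cookie; never stored raw

    def login_with_token(self, username: str, token: str) -> bool:
        return _token_digest(token) in self._members[username]["remember"]

    def login_with_password(self, username: str, password: str) -> bool:
        m = self._members[username]
        return hmac.compare_digest(_hash_password(password, m["salt"]), m["pw"])

    def change_password_unpatched(self, username: str, new_password: str) -> None:
        """Behaviour the advisory describes: the hash is replaced, the tokens survive."""
        m = self._members[username]
        m["salt"] = os.urandom(16)
        m["pw"] = _hash_password(new_password, m["salt"])

    def change_password_fixed(self, username: str, new_password: str) -> None:
        """Replace the hash and revoke every outstanding remember-me token."""
        self.change_password_unpatched(username, new_password)
        self._members[username]["remember"].clear()


def demo() -> dict:
    store = MemberStore()
    store.register("alice", "old-password")
    stolen = store.issue_remember_me("alice")   # token an attacker captured earlier
    store.change_password_unpatched("alice", "new-password")
    still_valid = store.login_with_token("alice", stolen)
    store.change_password_fixed("alice", "newer-password")
    revoked = not store.login_with_token("alice", stolen)
    fresh = store.issue_remember_me("alice")
    return {"stale_token_valid_after_unpatched_change": still_valid,
            "stale_token_revoked_after_fixed_change": revoked,
            "new_token_works": store.login_with_token("alice", fresh),
            "new_password_works": store.login_with_password("alice", "newer-password")}


if __name__ == "__main__":
    print(demo())
```

Revoking on password change is the minimum; the same clear-all step belongs on any credential reset, account recovery or administrator-forced logout, which is why the tokens are kept per member rather than in a global table keyed only by token.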
Impact If the crawler is set to crawl protected pages, it sends the cookie header to external URLs. Patches Update to Contao 4.13.40 or 5.3.4. Workarounds Disable crawling protected pages. References https://contao.org/en/security-advisories/session-cookie-disclosure-in-the-crawler For more...
CVSS 8.3 | AI Score 8.3 | EPSS 0.0004
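The crawler advisory above is a cookie-scoping failure: a session cookie that belongs to the crawled site is attached to every outbound request. The following is an added example, not Contao's crawler code (Python rather than PHP, to show the pattern), with a constructed three-page site whose protected pages reference assets on other hosts. It contrasts a crawler that sends the cookie everywhere with one that sends it only to same-origin URLs; the hostnames, cookie value and page bodies are all made up.

```python
"""Added example (not Contao's crawler): send the site's session cookie only
to same-origin URLs.

The pages below are a constructed miniature site; no network requests are
made, fetching is simulated by a dict lookup.
"""
import re
from urllib.parse import urljoin, urlsplit

SITE = "https://example.test"                         # hypothetical site being crawled
SESSION_COOKIE = "PHPSESSID=constructed-session-id"   # constructed cookie value

# Constructed pages: protected pages link to assets and trackers on other hosts.
PAGES = {
    "https://example.test/": '<a href="/members">Members area</a>',
    "https://example.test/members": (
        '<img src="https://cdn.other.test/logo.png">'
        '<a href="/members/news">News</a>'
    ),
    "https://example.test/members/news": '<a href="https://tracker.other.test/pixel">pixel</a>',
}
LINK_RE = re.compile(r'(?:href|src)="([^"]+)"')


def same_origin(a: str, b: str) -> bool:
    """Scheme, host and port must all match; path is irrelevant for cookies here."""
    pa, pb = urlsplit(a), urlsplit(b)
    return (pa.scheme, pa.hostname, pa.port) == (pb.scheme, pb.hostname, pb.port)


def request_headers(url: str, scope_to_origin: bool) -> dict:
    """Leaky behaviour when scope_to_origin is False: the cookie rides on every request."""
    if not scope_to_origin or same_origin(url, SITE):
        return {"Cookie": SESSION_COOKIE}
    return {}


def crawl(start: str, scope_to_origin: bool) -> dict:
    """Breadth-first crawl; returns url -> whether the Cookie header was sent."""
    seen, queue, cookie_sent = set(), [start], {}
    while queue:
        url = queue.pop(0)
        if url in seen:
            continue
        seen.add(url)
        cookie_sent[url] = "Cookie" in request_headers(url, scope_to_origin)
        body = PAGES.get(url, "")        # off-site URLs are fetched but not parsed
        for ref in LINK_RE.findall(body):
            queue.append(urljoin(url, ref))
    return cookie_sent


def leaked_to(cookie_sent: dict) -> list:
    """Third-party URLs that received the session cookie."""
    return sorted(u for u, sent in cookie_sent.items()
                  if sent and not same_origin(u, SITE))


if __name__ == "__main__":
    print("leaky:", leaked_to(crawl(SITE + "/", scope_to_origin=False)))
    print("fixed:", leaked_to(crawl(SITE + "/", scope_to_origin=True)))
```

A real crawler would normally go further and not fetch off-site URLs at all when authenticated, or keep a separate unauthenticated client for them; the origin check is the part that must never be skipped, because the cookie is what turns an index run into a session-hijacking opportunity for any third party the site links to.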
google-oauth-java-client improperly verifies cryptographic signature
Summary The vulnerability impacts only users of the IdTokenVerifier class. The verify method in IdTokenVerifier does not validate the signature before verifying the claims (e.g., iss, aud, etc.). Signature verification makes sure that the token's payload comes from a valid provider, not from someone....
CVSS 8.7 | AI Score 6.6 | EPSS 0.001
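The ordering point in the google-oauth-java-client advisory (claims checked, signature not) is worth seeing concretely. The following is an added example, not the library's code (the library is Java and verifies RS256 ID tokens; this uses Python and HMAC-SHA256 over a constructed key so it runs offline, and the issuer, audience and key values are made up). A forged token with perfectly good iss/aud/exp claims passes a claims-only verifier and fails one that authenticates the token first.

```python
"""Added example (not google-oauth-java-client code): why claim checks
without a prior signature check are worthless.

Tokens here are compact JWS-style strings signed with HMAC-SHA256 over a
constructed shared key. The real library verifies RS256 tokens from Google;
the ordering lesson is the same.
"""
import base64
import hashlib
import hmac
import json

PROVIDER_KEY = b"constructed-provider-key"          # stands in for the provider's key
EXPECTED_ISSUER = "https://accounts.example.test"    # hypothetical issuer
EXPECTED_AUDIENCE = "my-client-id"                   # hypothetical client id


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, key: bytes) -> str:
    """Build header.payload.signature with HS256 over the given key."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def _claims_ok(claims: dict, now: float) -> bool:
    return (claims.get("iss") == EXPECTED_ISSUER
            and claims.get("aud") == EXPECTED_AUDIENCE
            and claims.get("exp", 0) > now)


def verify_claims_only(token: str, now: float) -> bool:
    """Vulnerable pattern: trusts iss/aud/exp without checking the signature.
    Anyone can mint a payload that satisfies these checks."""
    _header, payload, _sig = token.split(".")
    return _claims_ok(json.loads(_b64url_decode(payload)), now)


def verify_signature_then_claims(token: str, key: bytes, now: float) -> bool:
    """Hardened pattern: establish authenticity first, then evaluate claims.
    The algorithm is fixed by the verifier, not read from the token header."""
    header, payload, sig = token.split(".")
    expected = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):
        return False
    return _claims_ok(json.loads(_b64url_decode(payload)), now)


def demo() -> dict:
    now = 1_700_000_000                      # fixed clock for a reproducible result
    claims = {"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE,
              "sub": "victim", "exp": now + 300}
    genuine = mint_token(claims, PROVIDER_KEY)
    forged = mint_token(claims, b"attacker-chosen-key")   # right claims, wrong key
    return {
        "genuine_claims_only": verify_claims_only(genuine, now),
        "forged_claims_only": verify_claims_only(forged, now),
        "genuine_sig_first": verify_signature_then_claims(genuine, PROVIDER_KEY, now),
        "forged_sig_first": verify_signature_then_claims(forged, PROVIDER_KEY, now),
    }


if __name__ == "__main__":
    print(demo())
```

The claims-only verifier accepts both tokens, which is the advisory's point: iss, aud and exp only say what the token claims about itself, and only the signature ties those claims to the provider. Checking the signature first also keeps the verifier from doing any work on attacker-controlled payloads.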