Curl 8.6.0 < 8.7.0 QUIC Certificate Check Bypass (CVE-2024-2379)
The version of Curl installed on the remote host is between 8.6.0 and prior to 8.7.0. It is, therefore, affected by a certificate check bypass vulnerability. libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an...
6.4AI Score
0.0004EPSS
Cilium has insecure IPsec transport encryption
Impact Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to the following attacks by a man-in-the-middle attacker: Chosen plaintext attacks Key recovery attacks Replay...
8CVSS
7AI Score
0.0004EPSS
Cilium has insecure IPsec transport encryption
Impact Users of IPsec transparent encryption in Cilium may be vulnerable to cryptographic attacks that render the transparent encryption ineffective. In particular, Cilium is vulnerable to the following attacks by a man-in-the-middle attacker: Chosen plaintext attacks Key recovery attacks Replay...
8CVSS
7AI Score
0.0004EPSS
ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass
Impact ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the supposed image....
8.7CVSS
6.9AI Score
0.0004EPSS
ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass
Impact ZITADEL users can upload their own avatar image and various image types are allowed. Due to a missing check, an attacker could upload HTML and pretend it is an image to gain access to the victim's account in certain scenarios. A possible victim would need to directly open the supposed image....
8.7CVSS
7AI Score
0.0004EPSS
Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection
A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale. "Using iMessage and RCS rather than SMS to send...
7.2AI Score
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Fancy Comments WordPress allows Stored XSS.This issue affects Fancy Comments WordPress: from n/a through...
6.5CVSS
6.4AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Fancy Comments WordPress allows Stored XSS.This issue affects Fancy Comments WordPress: from n/a through...
6.5CVSS
9.1AI Score
0.0004EPSS
Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions
A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions. "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly...
6.5CVSS
6.7AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Fancy Comments WordPress allows Stored XSS.This issue affects Fancy Comments WordPress: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
A flaw was found in curl. When libcurl is built to use wolfSSL as the TLS backend, it skips certificate verification for a QUIC connection if an unknown/bad cipher or curve is...
7AI Score
0.0004EPSS
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate...
6.3AI Score
0.0004EPSS
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate...
6.6AI Score
0.0004EPSS
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate...
7.4AI Score
0.0004EPSS
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate...
6.3AI Score
0.0004EPSS
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate...
6.6AI Score
0.0004EPSS
QUIC certificate check bypass with wolfSSL
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate...
6AI Score
0.0004EPSS
CVE-2024-2379 QUIC certificate check bypass with wolfSSL
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate...
6.6AI Score
0.0004EPSS
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems. Notes Author| Note...
6.5AI Score
0.0004EPSS
Slackware Linux 15.0 / current curl Multiple Vulnerabilities (SSA:2024-087-01)
The version of curl installed on the remote host is prior to 8.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-087-01 advisory. When a protocol selection parameter option disables all protocols without adding any then the default set of protocols...
5.7AI Score
0.0004EPSS
Andrew Appel shepherded a public comment--signed by twenty election cybersecurity experts, including myself--on best practices for ballot marking devices and vote tabulation. It was written for the Pennsylvania legislature, but it's general in nature. From the executive summary: We believe that...
7.4AI Score
KaTeX's `\includegraphics` does not escape filename
Impact KaTeX users who render untrusted mathematical expressions could encounter malicious input using \includegraphics that runs arbitrary JavaScript, or generate invalid HTML. Patches Upgrade to KaTeX v0.16.10 to remove this vulnerability. Workarounds Avoid use of or turn off the trust option,...
6.3CVSS
6.6AI Score
0.0004EPSS
KaTeX's `\includegraphics` does not escape filename
Impact KaTeX users who render untrusted mathematical expressions could encounter malicious input using \includegraphics that runs arbitrary JavaScript, or generate invalid HTML. Patches Upgrade to KaTeX v0.16.10 to remove this vulnerability. Workarounds Avoid use of or turn off the trust option,...
6.3CVSS
7AI Score
0.0004EPSS
KaTeX's maxExpand bypassed by Unicode sub/superscripts
Impact KaTeX users who render untrusted mathematical expressions could encounter malicious input using \def or \newcommand that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where e.g. a client rendering another user's KaTeX....
6.5CVSS
7.3AI Score
0.0004EPSS
KaTeX's maxExpand bypassed by Unicode sub/superscripts
Impact KaTeX users who render untrusted mathematical expressions could encounter malicious input using \def or \newcommand that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where e.g. a client rendering another user's KaTeX....
6.5CVSS
6.9AI Score
0.0004EPSS
KaTeX's maxExpand bypassed by `\edef`
Impact KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where e.g. a client rendering another user's KaTeX input will be....
6.5CVSS
7AI Score
0.0004EPSS
KaTeX's maxExpand bypassed by `\edef`
Impact KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where e.g. a client rendering another user's KaTeX input will be....
6.5CVSS
7.4AI Score
0.0004EPSS
Top 4 Industries at Risk of Credential Stuffing and Account Takeover (ATO) attacks
All industries are at risk of credential stuffing and account takeover (ATO) attacks. However, some industries are at a greater risk because of the sensitive information or volume of customer data they possess. While cyber-attacks come in all forms and techniques, credential stuffing involves an...
6.9AI Score
In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the....
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in.....
7.5AI Score
0.0004EPSS
Radamsa - A General-Purpose Fuzzer
Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestringly different outputs from them. The main...
9.8CVSS
7.5AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall action skbedit priority...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall action skbedit...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall action skbedit priority...
8.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug...
7.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in.....
7.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in.....
6.8AI Score
0.0004EPSS
CVE-2021-47175 net/sched: fq_pie: fix OOB access in the traffic path
In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall action skbedit priority...
6.9AI Score
0.0004EPSS
CVE-2021-47175 net/sched: fq_pie: fix OOB access in the traffic path
In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall action skbedit priority...
8.7AI Score
0.0004EPSS
CVE-2021-47170 USB: usbfs: Don't WARN about excessively large memory allocations
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in.....
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the....
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the....
7.4AI Score
0.0004EPSS
CVE-2021-47138 cxgb4: avoid accessing registers when clearing filters
In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the....
6.7AI Score
0.0004EPSS
CVE-2021-47138 cxgb4: avoid accessing registers when clearing filters
In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the....
7.5AI Score
0.0004EPSS
Jetpack < 13.2.1 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC When the "Let visitors...
6.1AI Score
In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the....
6.6AI Score
0.0004EPSS
Ubuntu 22.04 LTS / 23.10 : Linux kernel (AWS) vulnerabilities (USN-6707-3)
The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6707-3 advisory. A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation....
7.8CVSS
7.7AI Score
0.002EPSS
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in.....
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 # tc qdisc add dev eth0 clsact # tc filter add dev eth0 egress matchall action skbedit priority...
6.6AI Score
0.0004EPSS