Episode 2: Behind the Scenes of a Tailor-Made Massive Phishing Campaign Part 2
Executive Summary Last summer, we investigated a massive, global phishing campaign impersonating almost 350 legitimate companies. Our continued investigation into this expansive phishing campaign revealed leaked backend source code, shedding light on the infrastructure behind the operation. This...
7AI Score
Summary IBM Operator for Apache Flink is vulnerable to a denial of service attack due to the Apache Commons Compress component. Apache Flink uses Commons Compress for handling compressed files and formats, enabling efficient data processing and storage. Vulnerability Details ** CVEID:...
8.1CVSS
6.9AI Score
0.001EPSS
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.6.0 Vulnerability Details ** CVEID: CVE-2022-25857 DESCRIPTION: **Java package org.yaml:snakeyam is vulnerable to a denial of service, caused by missing to nested depth limitation for collections. By sending a...
9.8CVSS
10AI Score
EPSS
Multiple vulnerabilities in TP-Link Omada system could lead to root access
The TP-Link Omada system is a software-defined networking solution for small to medium-sized businesses. It touts cloud-managed devices and local management for all Omada devices. The supported devices in this ecosystem vary greatly but include wireless access points, routers, switches, VPN...
8.1CVSS
9.4AI Score
0.001EPSS
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...
5.3CVSS
6.3AI Score
0.002EPSS
CVE-2021-23192 affecting package samba 4.12.5-6
CVE-2021-23192 affecting package samba 4.12.5-6. No patch is available...
7.5CVSS
7.6AI Score
0.001EPSS
CVE-2020-14383 affecting package samba 4.12.5-6
CVE-2020-14383 affecting package samba 4.12.5-6. No patch is available...
6.5CVSS
6.7AI Score
0.004EPSS
CVE-2020-14323 affecting package samba 4.12.5-6
CVE-2020-14323 affecting package samba 4.12.5-6. No patch is available...
5.5CVSS
6AI Score
0.001EPSS
CVE-2020-14318 affecting package samba 4.12.5-6
CVE-2020-14318 affecting package samba 4.12.5-6. No patch is available...
4.3CVSS
5.4AI Score
0.001EPSS
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...
7.5CVSS
7AI Score
0.001EPSS
CVE-2023-25761 affecting package junit 4.13-5
CVE-2023-25761 affecting package junit 4.13-5. No patch is available...
5.4CVSS
7.5AI Score
0.001EPSS
CVE-2018-14628 affecting package samba 4.12.5-6
CVE-2018-14628 affecting package samba 4.12.5-6. No patch is available...
4.3CVSS
5.1AI Score
0.001EPSS
CVE-2022-1615 affecting package samba 4.12.5-6
CVE-2022-1615 affecting package samba 4.12.5-6. No patch is available...
5.5CVSS
5.9AI Score
0.001EPSS
CVE-2021-3670 affecting package samba 4.12.5-6
CVE-2021-3670 affecting package samba 4.12.5-6. No patch is available...
6.5CVSS
6.8AI Score
0.003EPSS
CVE-2020-17049 affecting package samba 4.12.5-6
CVE-2020-17049 affecting package samba 4.12.5-6. No patch is available...
6.6CVSS
7.9AI Score
0.027EPSS
CVE-2021-3738 affecting package samba 4.12.5-6
CVE-2021-3738 affecting package samba 4.12.5-6. No patch is available...
8.8CVSS
7.9AI Score
0.002EPSS
CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5
CVE-2024-27304 affecting package telegraf for versions less than 1.28.5-5. A patched version of the package is...
9.8CVSS
9.6AI Score
0.0004EPSS
CVE-2023-22466 affecting package netavark 1.0.3-5
CVE-2023-22466 affecting package netavark 1.0.3-5. This CVE either no longer is or was never...
5.4CVSS
5.9AI Score
0.001EPSS
CVE-2020-12825 affecting package libcroco 0.6.13-6
CVE-2020-12825 affecting package libcroco 0.6.13-6. No patch is available...
7.1CVSS
7.5AI Score
0.002EPSS
CVE-2022-32743 affecting package samba 4.12.5-6
CVE-2022-32743 affecting package samba 4.12.5-6. No patch is available...
7.5CVSS
6AI Score
0.002EPSS
CVE-2022-0336 affecting package samba 4.12.5-6
CVE-2022-0336 affecting package samba 4.12.5-6. No patch is available...
8.8CVSS
8.8AI Score
0.004EPSS
CVE-2022-32744 affecting package samba 4.12.5-6
CVE-2022-32744 affecting package samba 4.12.5-6. No patch is available...
8.8CVSS
8.5AI Score
0.001EPSS
CVE-2021-20316 affecting package samba 4.12.5-6
CVE-2021-20316 affecting package samba 4.12.5-6. No patch is available...
6.8CVSS
7AI Score
0.002EPSS
CVE-2022-28506 affecting package giflib 5.2.1-6
CVE-2022-28506 affecting package giflib 5.2.1-6. No patch is available...
5.5CVSS
5.5AI Score
0.001EPSS
CVE-2022-34176 affecting package junit 4.13-5
CVE-2022-34176 affecting package junit 4.13-5. No patch is available...
5.4CVSS
5.9AI Score
0.001EPSS
CVE-2022-28506 affecting package giflib 5.2.1-5
CVE-2022-28506 affecting package giflib 5.2.1-5. This CVE either no longer is or was never...
5.5CVSS
7.5AI Score
0.001EPSS
CVE-2020-25719 affecting package samba 4.12.5-6
CVE-2020-25719 affecting package samba 4.12.5-6. No patch is available...
7.2CVSS
7.2AI Score
0.001EPSS
CVE-2016-2124 affecting package samba 4.12.5-6
CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...
5.9CVSS
6.8AI Score
0.002EPSS
CVE-2021-43566 affecting package samba 4.12.5-6
CVE-2021-43566 affecting package samba 4.12.5-6. No patch is available...
2.5CVSS
4.2AI Score
0.001EPSS
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...
7.5CVSS
7.8AI Score
0.003EPSS
CVE-2021-3671 affecting package samba 4.12.5-6
CVE-2021-3671 affecting package samba 4.12.5-6. No patch is available...
6.5CVSS
7.7AI Score
0.005EPSS
CVE-2021-20277 affecting package samba 4.12.5-6
CVE-2021-20277 affecting package samba 4.12.5-6. No patch is available...
7.5CVSS
7.8AI Score
0.006EPSS
CVE-2021-20254 affecting package samba 4.12.5-6
CVE-2021-20254 affecting package samba 4.12.5-6. No patch is available...
6.8CVSS
6.4AI Score
0.004EPSS
CVE-2020-8908 affecting package guava 25.0-5
CVE-2020-8908 affecting package guava 25.0-5. This CVE either no longer is or was never...
3.3CVSS
6.7AI Score
0.001EPSS
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...
7.5CVSS
7.8AI Score
0.003EPSS
CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5
CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...
7.2AI Score
0.007EPSS
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
CVE-2021-44141 affecting package samba 4.12.5-6
CVE-2021-44141 affecting package samba 4.12.5-6. No patch is available...
4.3CVSS
5.9AI Score
0.001EPSS
CVE-2023-0215 affecting package shim-unsigned-aarch64 15-5
CVE-2023-0215 affecting package shim-unsigned-aarch64 15-5. This CVE either no longer is or was never...
7.5CVSS
8.2AI Score
0.004EPSS
CVE-2022-45380 affecting package junit 4.13-5
CVE-2022-45380 affecting package junit 4.13-5. No patch is available...
5.4CVSS
5.9AI Score
0.001EPSS
CVE-2022-2031 affecting package samba 4.12.5-6
CVE-2022-2031 affecting package samba 4.12.5-6. No patch is available...
8.8CVSS
8.5AI Score
0.001EPSS
CVE-2022-32746 affecting package samba 4.12.5-6
CVE-2022-32746 affecting package samba 4.12.5-6. No patch is available...
5.4CVSS
6AI Score
0.001EPSS
CVE-2021-3716 affecting package nbdkit 1.20.7-5
CVE-2021-3716 affecting package nbdkit 1.20.7-5. This CVE either no longer is or was never...
3.1CVSS
7.5AI Score
0.001EPSS
CVE-2020-25722 affecting package samba 4.12.5-6
CVE-2020-25722 affecting package samba 4.12.5-6. No patch is available...
8.8CVSS
7.9AI Score
0.002EPSS
CVE-2010-4226 affecting package cpio 2.13-5
CVE-2010-4226 affecting package cpio 2.13-5. This CVE either no longer is or was never...
6.8AI Score
0.003EPSS
CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1
CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1. No patch is available...
5.5CVSS
5.5AI Score
0.001EPSS
CVE-2023-0286 affecting package reaper 3.1.1-6
CVE-2023-0286 affecting package reaper 3.1.1-6. This CVE either no longer is or was never...
7.4CVSS
8AI Score
0.003EPSS
CVE-2022-3437 affecting package samba 4.12.5-6
CVE-2022-3437 affecting package samba 4.12.5-6. No patch is available...
6.5CVSS
7.3AI Score
0.01EPSS
CVE-2023-22466 affecting package rpm-ostree 2022.1-6
CVE-2023-22466 affecting package rpm-ostree 2022.1-6. This CVE either no longer is or was never...
5.4CVSS
5.9AI Score
0.001EPSS
CVE-2022-42898 affecting package samba 4.12.5-6
CVE-2022-42898 affecting package samba 4.12.5-6. No patch is available...
8.8CVSS
8.1AI Score
0.005EPSS