Lucene search

K

HPE Integrated Lights-out 5 (iLO 5), HPE Integrated Lights-out 6 (iLO 6), Security Vulnerabilities

rapid7blog
rapid7blog

Malvertising Campaign Leads to Execution of Oyster Backdoor

The following analysts contributed to this blog: Thomas Elkins, Daniel Thiede, Josh Lockwood, Tyler McGraw, and Sasha Kovalev. Executive Summary Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and.....

7.1AI Score

2024-06-17 08:28 PM
3
debiancve
debiancve

CVE-2024-6062

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of the file src/filters/load_text.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be...

3.3CVSS

7AI Score

0.0004EPSS

2024-06-17 08:15 PM
1
debiancve
debiancve

CVE-2024-6061

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_read.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch...

3.3CVSS

6.8AI Score

0.0004EPSS

2024-06-17 08:15 PM
nvd
nvd

CVE-2024-37891

urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to...

4.4CVSS

0.0004EPSS

2024-06-17 08:15 PM
1
cve
cve

CVE-2024-37891

urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to...

4.4CVSS

4.8AI Score

0.0004EPSS

2024-06-17 08:15 PM
5
debiancve
debiancve

CVE-2024-37891

urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to...

4.4CVSS

4.8AI Score

0.0004EPSS

2024-06-17 08:15 PM
2
debiancve
debiancve

CVE-2024-37890

ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in [email protected] (e55e510) and backported to [email protected] (22c2876), [email protected] (eeb76d3), and...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-06-17 08:15 PM
8
redhatcve
redhatcve

CVE-2021-47460

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode format to a normal...

7.5AI Score

0.0004EPSS

2024-06-17 07:21 PM
cvelist
cvelist

CVE-2024-37891 Proxy-Authorization request header isn't stripped during cross-origin redirects in urllib3

urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to...

4.4CVSS

0.0004EPSS

2024-06-17 07:18 PM
11
nvd
nvd

CVE-2024-37661

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

0.0004EPSS

2024-06-17 06:15 PM
4
nvd
nvd

CVE-2024-37662

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

0.0004EPSS

2024-06-17 06:15 PM
4
cve
cve

CVE-2024-37663

Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

6.6AI Score

0.0004EPSS

2024-06-17 06:15 PM
5
nvd
nvd

CVE-2024-37664

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

0.0004EPSS

2024-06-17 06:15 PM
3
cve
cve

CVE-2024-37661

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

6.6AI Score

0.0004EPSS

2024-06-17 06:15 PM
6
cve
cve

CVE-2024-37662

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

7AI Score

0.0004EPSS

2024-06-17 06:15 PM
6
cve
cve

CVE-2024-37664

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

6.7AI Score

0.0004EPSS

2024-06-17 06:15 PM
5
nvd
nvd

CVE-2024-37663

Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

0.0004EPSS

2024-06-17 06:15 PM
3
debiancve
debiancve

CVE-2024-4032

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

6.8AI Score

0.0004EPSS

2024-06-17 03:15 PM
osv
osv

PSF-2024-5

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

6.7AI Score

0.0004EPSS

2024-06-17 03:05 PM
thn
thn

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0. "Certain ASUS router models have...

9.8CVSS

9.3AI Score

0.001EPSS

2024-06-17 02:39 PM
14
nvd
nvd

CVE-2024-37623

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /kaoqin/tpl_kaoqin_locationchange.html...

0.0004EPSS

2024-06-17 02:15 PM
2
cve
cve

CVE-2024-37624

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /chajian/inputChajian.php....

6.2AI Score

0.0004EPSS

2024-06-17 02:15 PM
5
cve
cve

CVE-2024-37623

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /kaoqin/tpl_kaoqin_locationchange.html...

6.2AI Score

0.0004EPSS

2024-06-17 02:15 PM
4
nvd
nvd

CVE-2024-37624

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /chajian/inputChajian.php....

0.0004EPSS

2024-06-17 02:15 PM
1
malwarebytes
malwarebytes

Microsoft Recall delayed after privacy and security concerns

Microsoft has announced it will postpone the broadly available preview of the heavily discussed Recall feature for Copilot+ PCs. Copilot+ PCs are personal computers that come equipped with several artificial intelligence (AI) features. The Recall feature tracks anything from web browsing to voice.....

6.7AI Score

2024-06-17 01:55 PM
2
ibm
ibm

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna packages/liberaries.

Summary IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam ,Kerberos 5, systemd and idna. This bulletin identifies the steps required to address these vulnerabilities Vulnerability Details ** CVEID: CVE-2023-6004 DESCRIPTION: **libssh could allow a local...

5.9CVSS

8.6AI Score

EPSS

2024-06-17 11:59 AM
1
thn
thn

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal...

7.9AI Score

2024-06-17 11:59 AM
14
githubexploit
githubexploit

Exploit for CVE-2024-4367

PDF.js Vulnerability Demo Project This project is intended to...

7.2AI Score

2024-06-17 11:39 AM
34
thn
thn

What is DevSecOps and Why is it Essential for Secure Software Delivery?

Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive.....

7.4AI Score

2024-06-17 11:26 AM
4
ibm
ibm

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues due to ThreeTen Backport, Apache Commons Configuration, JJWT and Fasterxml jackson-databind

Summary There are vulnerabilities in ThreeTen Backport, Apache Commons Configuration, JJWT and Fasterxml jackson-databind used by Install Agent, Integrated File Agent and Integrated Web Services in IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows....

4.7CVSS

9.1AI Score

0.0004EPSS

2024-06-17 09:29 AM
1
rosalinux
rosalinux

Advisory ROSA-SA-2024-2433

software: emacs 28.1 WASP: ROSA-CHROME package_evr_string: emacs-28.1-5 CVE-ID: CVE-2022-48339 BDU-ID: None CVE-Crit: N/A CVE-DESC.: A problem was discovered in GNU Emacs. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and srcdir...

9.8CVSS

7.9AI Score

0.002EPSS

2024-06-17 09:05 AM
veracode
veracode

User ID Enumeration

silverstripe/framework is vulnerable to user ID Enumeration. The vulnerability is due to differing error messages: non-existent users do not receive a locked out message, which allows an attacker to infer or confirm user details that exist in the member...

6.9AI Score

2024-06-17 07:47 AM
githubexploit
githubexploit

Exploit for CVE-2024-0757

CVE-2024-0757 (Exploit) Description The Insert or Embed...

8.3AI Score

0.0004EPSS

2024-06-17 07:46 AM
35
githubexploit
githubexploit

Exploit for CVE-2023-38831

💥 WinRAR 漏洞说明(CVE-2023-38831) ...

7.8CVSS

7.2AI Score

0.346EPSS

2024-06-17 07:30 AM
37
malwarebytes
malwarebytes

A week in security (June 10 – June 16)

Last week on Malwarebytes Labs: Truist bank confirms data breach Update now! Google Pixel vulnerability is under active exploitation Adobe clarifies Terms of Service change, says it doesn’t train AI on customer content 23andMe data breach under joint investigation in two countries When things go...

7AI Score

2024-06-17 07:03 AM
7
nessus
nessus

RHEL 8 : flatpak (RHSA-2024:3961)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3961 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via...

8.4CVSS

8.6AI Score

0.0004EPSS

2024-06-17 12:00 AM
openvas
openvas

Ubuntu: Security Advisory (USN-6818-3)

The remote host is missing an update for...

7.8CVSS

8.8AI Score

0.001EPSS

2024-06-17 12:00 AM
2
nessus
nessus

RHEL 8 : firefox (RHSA-2024:3952)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3952 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

8AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

Debian dla-3835 : roundcube - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3835 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3835-1 [email protected] ...

6.6AI Score

0.0004EPSS

2024-06-17 12:00 AM
1
vulnrichment
vulnrichment

CVE-2024-37661

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

6.9AI Score

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-37662

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-37664

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

0.0004EPSS

2024-06-17 12:00 AM
packetstorm

7.4AI Score

2024-06-17 12:00 AM
26
nessus
nessus

Ubuntu 23.10 / 24.04 LTS : Rack vulnerabilities (USN-6837-1)

The remote Ubuntu 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6837-1 advisory. It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to...

7.5CVSS

7.7AI Score

0.001EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 9 : firefox (RHSA-2024:3958)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3958 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

7.7AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 8 : flatpak (RHSA-2024:3962)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3962 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via...

8.4CVSS

7.4AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 9 : firefox (RHSA-2024:3955)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3955 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

7.7AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 8 : firefox (RHSA-2024:3953)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3953 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

8.2AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 7 : linux-firmware (RHSA-2024:3939)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3939 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw:...

8.2CVSS

7.4AI Score

0.0005EPSS

2024-06-17 12:00 AM
vulnrichment
vulnrichment

CVE-2024-37623

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /kaoqin/tpl_kaoqin_locationchange.html...

6.2AI Score

0.0004EPSS

2024-06-17 12:00 AM
Total number of security vulnerabilities622243