HPE Superdome Flex Servers; HPE Superdome Flex 280 Servers Security Vulnerabilities

Exploit for CVE-2024-24919

Mass Auto Scanner for CVE-2024-24919 This script is designed to...

New banking trojan “CarnavalHeist” targets Brazil with overlay attacks

Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called "CarnavalHeist." Many of the observed tactics, techniques and procedures (TTPs) are common among other banking trojans coming out of Brazil. This family has also been...

nginx 1.1.x < 1.1.19 / 1.0.x < 1.0.15 A Buffer Overflow Vulnerability

According to its Sever response header, the installed version of nginx is 1.0.x prior to 1.0.15 or 1.1.x prior to 1.1.19. It is, therefore, affected by the following issue : Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3...

TeamCity Server < 2023.5.6 XSS Vulnerability

According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2023.5.6 It is, therefore, affected by a reflected XSS on the subscriptions page is possible Note that Nessus did not actually test for these issues, but instead...

CVE-2024-36020

In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using two sources for the...

Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2024-009)

The version of java-11-openjdk installed on the remote host is prior to 11.0.13.0.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2JAVA-OPENJDK11-2024-009 advisory. Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

TeamCity Server Multiple Vulnerabilities (CVE-2024-36362 / CVE-2024-36365)

According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2024.3.2, prior to 2023.11.5, prior to 2023.5.6, prior to 2022.10.6, prior to 2022.04.7. It is, therefore, affected by multiple vulnerabilities: Path traversal...

Nginx 1.25.0 - 1.26.0 Multiple HTTP/3 Vulnerabilities

Nginx is prone to multiple HTTP/3...

Amazon Linux 2 : golang (ALAS-2024-2554)

The version of golang installed on the remote host is prior to 1.22.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2554 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of...

TeamCity Server < 2024.3.2 Multiple Vulnerabilities

According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2024.3.2 It is, therefore, affected by multiple vulnerabilities: Users can perform actions that should not be available to them based on their permissions...

CVE-2024-35228

Wagtail is an open source content management system built on Django. Due to an improperly applied permission check in the wagtail.contrib.settings module, a user with access to the Wagtail admin and knowledge of the URL of the edit view for a settings model can access and update that setting, even....

CVE-2024-36020

In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using two sources for the...

CVE-2024-35228 Improper Handling of Insufficient Permissions in Wagtail

Wagtail is an open source content management system built on Django. Due to an improperly applied permission check in the wagtail.contrib.settings module, a user with access to the Wagtail admin and knowledge of the URL of the edit view for a settings model can access and update that setting, even....

Attackers are impersonating a road toll payment processor across the U.S. in phishing attacks

My wife (no stranger to weird types of scams) recently received a fake text message from someone claiming to be New Jersey's E-ZPass program saying that she had an outstanding balance from highway tolls that she owed, prompting her to visit a site so she could pay and avoid additional fines. There....

CVE-2024-24919: Check Point Security Gateway Information Disclosure

On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade. On May 29, 2024, security firm mnemonic published...

‘Operation Endgame’ Hits Malware Delivery Platforms

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed "the largest ever operation against botnets," the international effort.....

CVE-2024-36020 i40e: fix vf may be used uninitialized in this function warning

In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using two sources for the...

Symfony Cross-Site Request Forgery vulnerability in the Web Profiler

All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony WebProfiler bundle are affected by this security issue. This issue has been fixed in Symfony 2.3.19, 2.4.9, and 2.5.4. Note that no fixes are provided for Symfony 2.0, 2.1, and 2.2 as they are not maintained anymore....

Symfony Cross-Site Request Forgery vulnerability in the Web Profiler

All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony WebProfiler bundle are affected by this security issue. This issue has been fixed in Symfony 2.3.19, 2.4.9, and 2.5.4. Note that no fixes are provided for Symfony 2.0, 2.1, and 2.2 as they are not maintained anymore....

Headerpwn - A Fuzzer For Finding Anomalies And Analyzing How Servers Respond To Different HTTP Headers

Install To install headerpwn, run the following command: go install github.com/devanshbatham/[email protected] Usage headerpwn allows you to test various headers on a target URL and analyze the responses. Here's how to use the tool: Provide the target URL using the -url flag. Create a file...

(RHSA-2024:3497) Important: edk2 security update

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234) edk2: Buffer...

LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader

By Anna Bennett, Nicole Hoffman, Asheer Malhotra, Sean Taylor and Brandon White. Cisco Talos is disclosing a new suspected data theft campaign, active since at least 2021, we attribute to an advanced persistent threat actor (APT) we're calling "LilacSquid." LilacSquid's victimology includes a...

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1722)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2024-1733)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1712)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1723)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : docker-engine (EulerOS-SA-2024-1738)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1761)

The remote host is missing an update for the Huawei...

RHEL 8 : edk2 (RHSA-2024:3497)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3497 advisory. EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1738)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : docker-engine (EulerOS-SA-2024-1761)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service...

Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects

Impact What kind of vulnerability is it? Who is impacted? A user with permissions to view Dynamic Group records (extras.view_dynamicgroup permission) can use the Dynamic Group detail UI view (/extras/dynamic-groups/&lt;uuid&gt;/) and/or the members REST API view...

2024 Cybersecurity Trends: What’s Observable Already?

2024 has already witnessed a staggering number of cyber incidents, with over 29.5 billion records breached across 4,645 publicly disclosed incidents in January alone, according to the IT Governance Security Spotlight. Moreover, CVEs are growing significantly year over year, with 13% growth from...

Security Bulletin: IBM Truststore Manager uses cryptography-41.0.4-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-50782

Summary IBM Truststore Manager uses cryptography-41.0.4-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-50782. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details ** CVEID: CVE-2023-50782 DESCRIPTION: **Python Cryptographic.....

BIT-argo-cd-2024-31989

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

Security Bulletin: IBM Maximo Application Suite uses cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-50782

Summary IBM Maximo Application Suite uses cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-50782. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details ** CVEID: CVE-2023-50782 DESCRIPTION: **Python...

EulerOS Virtualization 2.11.1 : bind (EulerOS-SA-2024-1712)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It...

TeamCity Server < 2023.11.0 Restore From Backup XSS

According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2023.11.0. It is, therefore, affected by Cross Side Scripting Vulnerability during a Restore from Backup. Note that Nessus did not actually test for these issues,...

EulerOS Virtualization 2.11.1 : edk2 (EulerOS-SA-2024-1722)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via...

EulerOS Virtualization 2.11.0 : bind (EulerOS-SA-2024-1723)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It...

EulerOS Virtualization 2.11.0 : edk2 (EulerOS-SA-2024-1733)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via...

CVE-2024-36112 Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects

Nautobot is a Network Source of Truth and Network Automation Platform. A user with permissions to view Dynamic Group records (extras.view_dynamicgroup permission) can use the Dynamic Group detail UI view (/extras/dynamic-groups/&lt;uuid&gt;/) and/or the members REST API view...

Exploit for CVE-2024-4956

Servers vulnerable to...

Treasury Sanctions Creators of 911 S5 Proxy Botnet

The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through malware-infected computers around the globe....

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID:...

(RHSA-2024:3426) Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): varnish:6: HTTP/2 Broken Window Attack may result in denial of service...

(RHSA-2024:3417) Moderate: mod_http2 security update

The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): httpd: CONTINUATION frames DoS (CVE-2024-27316,VU#421644.4) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and...

(RHSA-2024:3402) Moderate: mod_http2 security update

The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): httpd: CONTINUATION frames DoS (CVE-2024-27316,VU#421644.4) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and...

Trusted relationship attacks: trust, but verify

IT outsourcing market continues to demonstrate strong growth globally – such services are becoming increasingly popular. But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. By providing third-party...

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2024-629)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-629 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and...