(RHSA-2024:1644) Important: grafana-pcp security and bug fix update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA...
7.7AI Score
0.0005EPSS
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0),...
10CVSS
9.9AI Score
0.133EPSS
Exploit for Embedded Malicious Code in Tukaani Xz
Description Malicious code was discovered in the upstream...
10CVSS
9.5AI Score
0.133EPSS
RHEL 8 : grafana-pcp (RHSA-2024:1644)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1644 advisory. The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace...
7.5CVSS
7.9AI Score
0.0005EPSS
CentOS 8 : curl (CESA-2024:1601)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:1601 advisory. An information disclosure vulnerability exists in...
6.5CVSS
8.2AI Score
0.001EPSS
Important: grafana-pcp security and bug fix update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA...
7.5CVSS
7.6AI Score
0.0005EPSS
SuperSize Me By Floser Bacurio Jr., Bernadette Canubas, Michaelo Oliveros · April 02, 2024 Introduction Cyber attackers are always finding new ways to outsmart security systems and distribute malware effectively. We discovered an interesting detection evasion technique of delivering archive files.....
7.2AI Score
Tukaani Project XZ Utils Backdoor (Feb/Mar 2024)
The XZ Utils of the Tukaani Project have been backdoored by an unknown threat actor in February and March...
10CVSS
9.8AI Score
0.133EPSS
Important: grafana-pcp security and bug fix update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA...
7.5CVSS
7.5AI Score
0.0005EPSS
XZ is vulnerable to Injected Malicious Code. Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which.....
10CVSS
7.1AI Score
0.133EPSS
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 Malicious code was discovered in the upstream...
10CVSS
9.8AI Score
0.133EPSS
Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I can't remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and...
7.2AI Score
This vulnerability allows local attackers to escalate privileges on affected installations of Flexera Software FlexNet Publisher. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
7.5AI Score
EPSS
K000139141 : liblzma vulnerability CVE-2024-3094
Security Advisory Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to....
10CVSS
9.3AI Score
0.133EPSS
GLSA-202403-04 : XZ utils: Backdoor in release tarballs
The remote host is affected by the vulnerability described in GLSA-202403-04 (XZ utils: Backdoor in release tarballs) Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a...
10CVSS
9.6AI Score
0.133EPSS
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of...
7.2CVSS
7.6AI Score
0.0004EPSS
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 Malicious code was discovered in the upstream...
10CVSS
9.8AI Score
0.133EPSS
7.3AI Score
Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as...
10CVSS
9.5AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.6AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.3AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.5AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions...
10CVSS
9.4AI Score
0.133EPSS
CVE-2024-3094 Xz: malicious code in distributed source
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.5AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.4AI Score
0.133EPSS
Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds
Security vulnerabilities discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu,...
7.7AI Score
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.3AI Score
0.133EPSS
7.4AI Score
[ASA-202403-1] xz: arbitrary code execution
Arch Linux Security Advisory ASA-202403-1 Severity: Critical Date : 2024-03-29 CVE-ID : CVE-2024-3094 Package : xz Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2851 Summary The package xz before version 5.6.1-2 is vulnerable to arbitrary code...
10CVSS
7.2AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.6AI Score
0.133EPSS
Security Bulletin: Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches.
Summary Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. The vulnerability has been addressed and can be resolved by applying the NX-OS code level listed below. Vulnerability Details ** CVEID: CVE-2023-0464 DESCRIPTION: **OpenSSL is...
7.5CVSS
7AI Score
0.003EPSS
Security Bulletin: Vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches.
Summary Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. The vulnerability has been addressed and can be resolved by applying the NX-OS code level listed below. Vulnerability Details ** CVEID: CVE-2023-0466 DESCRIPTION: **OpenSSL could allow...
5.3CVSS
7AI Score
0.001EPSS
Stories from the SOC Part 1: IDAT Loader to BruteRatel
Rapid7’s Managed Detection and Response (MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections. In August 2023, Rapid7 identified a new malware loader named the IDAT Loader. Malware loaders are a type of malicious software designed.....
8.1AI Score
Welcome to this week's threat source newsletter with Jon out, you've got me as your substitute teacher. I'm taking you back to those halcyon days of youth and that moment when you found out that you had a sub that day, will I be the teacher that just rolls in the TV cart and delivers the single...
7.7AI Score
From ChatBot To SpyBot: ChatGPT Post Exploitation
In the second installment of our blog post series on ChatGPT, we delve deeper into the security implications that come with the integration of AI into our daily routines. Building on the discoveries shared in our initial post, "XSS Marks the Spot: Digging Up Vulnerabilities in ChatGPT," where we...
6.1AI Score
Hardware Vulnerability in Apple’s M-Series Chips
It's yet another hardware side-channel attack: The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s...
7AI Score
7.4AI Score
EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2024:1002-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1002-1 advisory. NSS was susceptible to a timing side-channel attack when performing RSA decryption. This...
7.5CVSS
8.6AI Score
0.001EPSS
7.4AI Score
7.4AI Score
A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this...
7.4CVSS
7.3AI Score
0.0004EPSS
A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this...
7.4CVSS
6.8AI Score
0.0004EPSS
A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this...
7.4CVSS
7.5AI Score
0.0004EPSS
Cisco IOS Software for Catalyst 6000 Series Switches Denial of Service Vulnerability
A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this...
6.9AI Score
0.0004EPSS
An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via ti_expr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn...
6.6AI Score
0.0004EPSS
An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via ti_expr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn...
7.1AI Score
0.0004EPSS
An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via ti_expr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn...
6.3AI Score
0.0004EPSS
A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language...
6.8CVSS
6.8AI Score
0.0004EPSS
A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language...
6.8CVSS
6.6AI Score
0.0004EPSS