Job Manager & Career Security Vulnerabilities

How Did Authorities Identify the Alleged Lockbit Boss?

Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy, saying the charges don't explain how...

CVE-2024-35166 WordPress FileBird – WordPress Media Library Folders & File Manager plugin <= 5.6.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through...

CVE-2024-34416 WordPress Pk Favicon Manager plugin <= 2.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Pk Favicon Manager.This issue affects Pk Favicon Manager: from n/a through...

Security Bulletin: WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager is vulnerable to a denial of service. (CVE-2024-25026)

Summary WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager is vulnerable to a denial of service. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to...

K000139592: libxml2 vulnerability CVE-2023-29469

Security Advisory Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs...

Apache mod_proxy_cluster - Stored XSS

...

Apache mod_proxy_cluster - Stored XSS Exploit

...

SUSE: Security Advisory (SUSE-SU-2024:1598-1)

The remote host is missing an update for...

K000139590: MySQL Server vulnerabilities CVE-2024-20994, CVE-2024-21015, CVE-2024-21050, and CVE-2024-21057

Security Advisory Description CVE-2024-20994 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with...

RHEL 8 : nettle (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nettle: Leaky data conversion exposing a manager oracle (CVE-2018-16869) Note that Nessus has not tested for this...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : less (SUSE-SU-2024:1598-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1598-1 advisory. less through 653 allows OS command execution via a newline character in the name of a file, because ...

RHEL 7 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. squid: Information disclosure in Collapsed forwarding (CVE-2016-10003) This vulnerability allows remote...

RHEL 7 : docker (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. docker: IPv6 router advertisements allow for MitM attacks (CVE-2020-13401) docker: cli leaks private...

RHEL 6 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. squid: Heap overflow issue in URN processing (CVE-2019-12526) squid: Buffer overflow in reverse-proxy...

RHEL 5 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssh: possible fallback from untrusted to trusted X11 forwarding (CVE-2016-1908) Untrusted search...

RHEL 5 : imagemagick (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ImageMagick: Insufficient shell characters filtering (CVE-2016-3714) ImageMagick: use-after-free in...

RHEL 5 : mozilla (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Sandbox escape with improperly separated process types (CVE-2020-12389) Mozilla: Memory safety...

RHEL 4 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssh: loading of untrusted PKCS#11 modules in ssh-agent (CVE-2016-10009) openssh: Bounds check can be...

RHEL 7 : node-fetch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235) Note that Nessus has not...

RHEL 7 : 389-ds-base (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. 389-ds-base: access control bypass by query (filter in LDAP terms) optimiser (CVE-2022-1949) 389-ds-base...

RHEL 8 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. squid: exposure of sensitive information in cache manager (CVE-2022-41317) Note that Nessus has not tested for this...

RHEL 9 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. squid: exposure of sensitive information in cache manager (CVE-2022-41317) Note that Nessus has not tested for this...

RHEL 6 : 389-ds-base (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. 389-ds-base: Password brute-force possible for locked account due to different return codes ...

RHEL 6 : cups (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. cups: stack-buffer-overflow in libcups's asn1_get_packed function (CVE-2019-8696) A...

RHEL 6 : mozilla (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) Mozilla:...

RHEL 8 : node-fetch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235) Note that Nessus has not...

RHEL 6 : imagemagick (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ImageMagick: use-after-free in MngInfoDiscardObject in coders/png.c (CVE-2019-19952) Heap-based buffer...

RHEL 5 : subscription-manager (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. subscription-manager: sensitive world readable files in /var/lib/rhsm/ (CVE-2016-4455) Note that Nessus has not...

RHEL 6 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssh: loading of untrusted PKCS#11 modules in ssh-agent (CVE-2016-10009) openssh: scp allows command...

RHEL 5 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c ...

RHEL 6 : samba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. samba: Active Directory (AD) domain user could become root on domain members (CVE-2020-25717) samba:...

RHEL 6 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel: lack of port...

RHEL 7 : jetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jetty: Timing channel attack in util/security/Password.java (CVE-2017-9735) jetty: crafted URIs allow...

RHEL 7 : samba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. samba: Symlink race error can allow directory creation outside of the exported share (CVE-2021-43566) ...

RHEL 7 : nettle (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nettle: Leaky data conversion exposing a manager oracle (CVE-2018-16869) A flaw was found in the way...

RHEL 5 : squid (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code ...

Security Bulletin: User Behavior Analytics application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has addressed these vulnerabilities with an update. Vulnerability Details ** CVEID: CVE-2023-41419 DESCRIPTION: **Gevent could allow a remote attacker to...

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

sushi bug fix update

An update is available for sushi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Sushi is a quick file previewer for Nautilus, the GNOME desktop file manager......

gnome-shell, gnome-menus, and gnome-shell-extensions bug fix update

An update is available for gnome-menus, gnome-shell, gnome-shell-extensions. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNOME Shell acts as a compositing...

systemd security update

An update is available for systemd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for...

Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

BIG-IP Next Central Manager Flaws Lead To Administrative Control

...

Dell notifies customers about data breach

Dell is warning its customers about a data breach after a cybercriminal offered a 49 million-record database of information about Dell customers on a cybercrime forum. A cybercriminal called Menelik posted the following message on the “Breach Forums” site: “The data includes 49 million customer...

CVE-2024-4129 Authentication bypass in Snow License Manager

Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows a networked attacker to perform an Authentication Bypass if Active Directory Authentication is enabled.This issue affects Snow License Manager: from 9.33.2 through...

K000139579: Node.js vulneraility CVE-2024-21891

Security Advisory Description Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions, which can be overwitten with user-defined implementations leading to filesystem permission model bypass through path traversal attack. This vulnerability affects...

K000139570: UNIX CPIO vulnerability CVE-2023-7216

Security Advisory Description A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended...

K000139573: node.js vulnerability CVE-2024-22017

Security Advisory Description setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). This vulnerability affects.....

K000139577: Node.js vulnerability CVE-2024-21890

Security Advisory Description The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/*.pub will ignore pub and give access to everything after .ssh/. This misleading...