MAX PRESENCE,TP3106,TP3206 Security Vulnerabilities

cisco

Cisco Emergency Responder Static Credentials Vulnerability

A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the....

7.6 AI Score

0.001 EPSS

2023-10-04 04:00 PM
18
rapid7blog

CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center

On October 4, 2023, Atlassian published a security advisory on CVE-2023-22515, a critical vulnerability affecting on-premises instances of Confluence Server and Confluence Data Center. CVE-2023-22515 was originally announced as a privilege escalation vulnerability, but was later changed to a...

9.8 CVSS

7.8 AI Score

0.973 EPSS

2023-10-04 03:28 PM
49
thn

Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance

Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through an SQL Server instance. "The attackers initially exploited a SQL injection vulnerability in an application within the target's environment," security researchers...

8.2 AI Score

2023-10-04 10:18 AM
32
thn

Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions

A new Linux security vulnerability dubbed Looney Tunables has been discovered in the GNU C library's ld.so dynamic loader that, if successfully exploited, could lead to a local privilege escalation and allow a threat actor to gain root privileges. Tracked as CVE-2023-4911 (CVSS score: 7.8), the...

7.8 CVSS

7.9 AI Score

0.97 EPSS

2023-10-04 07:21 AM
196
qualysblog

CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so

The Qualys Threat Research Unit (TRU) has discovered a buffer overflow vulnerability in GNU C Library's dynamic loader's processing of the GLIBC_TUNABLES environment variable. We have successfully identified and exploited this vulnerability (a local privilege escalation that grants full root...

7.8 CVSS

7.8 AI Score

0.014 EPSS

2023-10-03 05:21 PM
121
malwarebytes

Meta is using your public Facebook and Instagram posts to train its AI

Post anything publicly on Facebook and Instagram? Meta has likely been using those posts to train its AI, according to the company's top policy executive. In an interview with Reuters, Meta President of Global Affairs Nick Clegg said the company used the public posts to train the LLM (large...

6.7 AI Score

2023-10-03 01:00 AM
4
wordfence

Know your Malware – A Beginner’s Guide to Encoding Techniques Used to Obfuscate Malware

With the launch of Wordfence CLI, our high performance security scanner that can detect the vast majority of PHP malware targeting WordPress, Wordfence continues to emphasize the importance of malware detection and remediation. Malware targeting WordPress uses a variety of obfuscation techniques...

7.4 AI Score

2023-10-02 03:38 PM
19
thn

LUCR-3: Scattered Spider Getting SaaS-y in the Cloud

LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune....

7.7 AI Score

2023-10-02 11:21 AM
32
nuclei

Milesight Routers - Information Disclosure

A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router...

7.5 CVSS

7.8 AI Score

0.007 EPSS

2023-10-02 08:21 AM
12
githubexploit

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 Vulnerability Detector ![CVE...

9.8 CVSS

9.2 AI Score

0.966 EPSS

2023-10-01 06:05 PM
222
githubexploit

Exploit for Insertion of Sensitive Information into Log File in Milesight Ur5X Firmware

CVE-2023-43261 - PoC Critical Vulnerability Exposes...

7.5 CVSS

7.9 AI Score

0.007 EPSS

2023-09-28 08:45 AM
122
nvd

CVE-2023-20034

Vulnerability in the Elasticsearch database used in Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to access the Elasticsearch configuration database of an affected device with the privileges of the elasticsearch user. This vulnerability is due to the...

7.5 CVSS

7.6 AI Score

0.001 EPSS

2023-09-27 06:15 PM
cve

CVE-2023-20034

Vulnerability in the Elasticsearch database used in Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to access the Elasticsearch configuration database of an affected device with the privileges of the elasticsearch user. This vulnerability is due to the...

7.5 CVSS

7.5 AI Score

0.001 EPSS

2023-09-27 06:15 PM
30
prion

Design/Logic Flaw

Vulnerability in the Elasticsearch database used in Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to access the Elasticsearch configuration database of an affected device with the privileges of the elasticsearch user. This vulnerability is due to the...

7.5 CVSS

7.5 AI Score

0.001 EPSS

2023-09-27 06:15 PM
2
cvelist

CVE-2023-20034

Vulnerability in the Elasticsearch database used in Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to access the Elasticsearch configuration database of an affected device with the privileges of the elasticsearch user. This vulnerability is due to the...

7.5 CVSS

7.8 AI Score

0.001 EPSS

2023-09-27 05:12 PM
ics

People's Republic of China-Linked Cyber Actors Hide in Router Firmware

Executive Summary The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA), and the Japan National Center of Incident Readiness and Strategy for...

9.8 AI Score

2023-09-27 12:00 PM
32
securelist

QR codes in email phishing

QR codes are everywhere: you can see them on posters and leaflets, ATM screens, price tags and merchandise, historical buildings and monuments. People use them to share information, promote various online resources, pay for their goodies, and pass verification. And yet you don't see lots of QR...

7.1 AI Score

2023-09-27 10:00 AM
12
malwarebytes

Malwarebytes MDR wins G2 awards for "Best ROI," "Easiest to Use," and more

Malwarebytes Managed Detection and Response (MDR) earned a place in 12 new reports among G2's Fall 2023 reports, winning badges for "Easiest to do Business With," "Best Est. ROI," "Easiest to Use," and "Easiest Admin." Purpose-built for resource constrained teams, Malwarebytes MDR provides IT staff.....

6.9 AI Score

2023-09-27 09:00 AM
8
hivepro

New Variant of RedLine Stealer Uses Batch Script to Evade Detection

A new variant of RedLine Stealer is being distributed as a batch script file. This new variant of RedLine Stealer is more sophisticated than previous versions and uses a number of techniques to evade....

6.9 AI Score

2023-09-27 06:06 AM
9
nessus

Amazon Linux 2 : firefox (ALASFIREFOX-2023-009)

The version of firefox installed on the remote host is prior to 102.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-009 advisory. Service Workers should not be able to infer information about opaque cross-origin responses; but timing ...

9.8 CVSS

7.8 AI Score

0.002 EPSS

2023-09-27 12:00 AM
4
nessus

Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2023-007)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.27.0.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-007 advisory. Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1,...

9.8 CVSS

7.5 AI Score

0.001 EPSS

2023-09-27 12:00 AM
13
qualysblog

Qualys Survey of Top 10 Exploited Vulnerabilities in 2023

The Qualys Threat Research Unit (TRU) has thoroughly analyzed vulnerabilities reported in 2023. Our comprehensive study assesses factors including weaponization status, existence in the CISA KEV, instances or usage of malware and ransomware, trending vulnerabilities, various scoring metrics, and...

9.8 CVSS

9.8 AI Score

0.971 EPSS

2023-09-26 01:04 PM
106
talosblog

ICS protocol coverage using Snort 3 service inspectors

With more devices on operational technology (OT) networks now getting connected to wide-reaching IT networks, it is more important than ever to have effective detection capabilities for ICS protocols. However, there are a few issues that usually arise when creating detection for ICS protocol...

7.1 AI Score

2023-09-26 12:00 PM
10
hivepro

Hive Pro Partners with Tech Titan to Fortify Cybersecurity Landscape in Southeast Asia

HERNDON, VA., Sept. 26, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management, is thrilled to announce a strategic partnership with Tech Titan Group, a leading IT Solutions Provider renowned for its innovation-driven approach and dedication to addressing evolving customer needs across...

6.7 AI Score

2023-09-26 05:15 AM
16
talos

Accusoft ImageGear tif_processing_dng_channel_count stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1742 Accusoft ImageGear tif_processing_dng_channel_count stack-based buffer overflow vulnerability September 25, 2023 CVE Number CVE-2023-28393 SUMMARY A stack-based buffer overflow vulnerability exists in the tif_processing_dng_channel_count functionality of.....

8.8 CVSS

7.2 AI Score

0.001 EPSS

2023-09-25 12:00 AM
9
talos

Accusoft ImageGear tiff_planar_adobe out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1750 Accusoft ImageGear tiff_planar_adobe out-of-bounds write vulnerability September 25, 2023 CVE Number CVE-2023-32284 SUMMARY An out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of Accusoft ImageGear 20.1. A specially crafted.....

9.8 CVSS

7.2 AI Score

0.001 EPSS

2023-09-25 12:00 AM
12
thn

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary,.....

7.8 CVSS

7.8 AI Score

0.001 EPSS

2023-09-23 11:10 AM
156
thn

New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks

An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users in Brazil and Mexico. "The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the...

7.3 AI Score

2023-09-22 02:48 PM
12
spring

Simplified Event Externalization with Spring Modulith

Transactional service methods are a common pattern in Spring applications. These methods trigger a state transition important to the business. This usually involves a core domain abstraction, such as an aggregate and its corresponding repository. A stereotypical example of such an arrangement...

6.8 AI Score

2023-09-22 12:00 AM
18
github

Passkeys are generally available

Passkeys are a new form of sign-in and phishing resistant credential that make it easier to protect your GitHub account by reducing use of passwords and other, more easily phishable authentication methods. Since the launch of passkeys in beta in July, tens of thousands of developers have adopted...

6.8 AI Score

2023-09-21 04:00 PM
13
securelist

Overview of IoT threats in 2023

IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. Statista portal predicts their number will exceed 29 billion by 2030. As connected device numbers increase, so does the need for protection against various threats. The first-ever large-scale malware attacks.....

9.1 CVSS

8.1 AI Score

0.571 EPSS

2023-09-21 10:00 AM
21
thn

Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack

The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to...

6.4 AI Score

2023-09-21 08:48 AM
39
nvd

CVE-2023-43635

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...

8.8 CVSS

8.7 AI Score

0.0004 EPSS

2023-09-20 03:15 PM
cve

CVE-2023-43635

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...

8.8 CVSS

8.6 AI Score

0.0004 EPSS

2023-09-20 03:15 PM
18
prion

Design/Logic Flaw

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...

8.8 CVSS

8.6 AI Score

0.0004 EPSS

2023-09-20 03:15 PM
6
cvelist

CVE-2023-43635 Vault Key Sealed With SHA1 PCRs

Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...

8.8 CVSS

8.8 AI Score

0.0004 EPSS

2023-09-20 02:58 PM
nessus

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2023-344)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-344 advisory. Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains...

9.8 CVSS

7.5 AI Score

0.001 EPSS

2023-09-20 12:00 AM
9
spring

Hello, Java 21

Hi, Spring fans! Get the bits Before we get started, do something for me quickly. If you haven’t already, go install SDKMAN. Then run: sdk install java 21-graalce && sdk default java 21-graalce There you have it. You now have Java 21 and graalvm supporting Java 21 on your machine, ready to go....

6.9 AI Score

2023-09-20 12:00 AM
15
wordfence

Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks

On August 18, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two PHP Object Injection vulnerabilities in the Essential Blocks plugin for WordPress, a plugin with over 100,000 installations. We received a response three days later and sent over our...

7.8 AI Score

0.001 EPSS

2023-09-19 01:48 PM
14
thn

Inside XWorm: Malware Analysts Decode the Stealthy Tactics of the Latest Variant

XWorm is a relatively new representative of the remote access trojan cohort that has already earned its spot among the most persistent threats across the globe. Since 2022, when it was first observed by researchers, it has undergone a number of major updates that have significantly enhanced its...

6.9 AI Score

2023-09-19 11:32 AM
25
packetstorm

7.1 AI Score

0.001 EPSS

2023-09-19 12:00 AM
219
thn

Hook: New Android Banking Trojan That Expands on ERMAC's Legacy

A new analysis of the Android banking trojan known as Hook has revealed that it's based on its predecessor called ERMAC. "The ERMAC source code was used as a base for Hook," NCC Group security researchers Joshua Kamp and Alberto Segura said in a technical analysis published last week. "All...

7.6 AI Score

2023-09-18 12:11 PM
39
malwarebytes

Malwarebytes named leader across six endpoint security categories, marking its ease of use, in G2 Fall 2023 results

The peer-to-peer review source G2 has released their Fall 2023 reports, ranking Malwarebytes as a leader across a number of endpoint protection categories. In the most recent results, Malwarebytes is the only vendor to earn the "Easiest to Use" and "Easiest Admin" recognition for its Endpoint...

7.2 AI Score

2023-09-18 10:30 AM
17
cnvd

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2023-82284)

Adobe Experience Manager (AEM) is a set of content management solutions from the American company Adobe that can be used to build websites, mobile applications and forms. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4 CVSS

5.7 AI Score

0.0005 EPSS

2023-09-18 12:00 AM
11
cnvd

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2023-82283)

Adobe Experience Manager (AEM) is a set of content management solutions from the American company Adobe that can be used to build websites, mobile applications and forms. The program supports mobile content management, marketing and sales campaign management and multi-site management. A.....

5.4 CVSS

5.7 AI Score

0.0005 EPSS

2023-09-18 12:00 AM
8
nvd

CVE-2022-20917

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper...

4.3 CVSS

4.6 AI Score

0.001 EPSS

2023-09-15 03:15 AM
cve

CVE-2022-20917

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper...

4.3 CVSS

4.7 AI Score

0.001 EPSS

2023-09-15 03:15 AM
2816
4
prion

Design/Logic Flaw

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper...

4.3 CVSS

4.7 AI Score

0.001 EPSS

2023-09-15 03:15 AM
12
cvelist

CVE-2022-20917

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper...

4.3 CVSS

5 AI Score

0.001 EPSS

2023-09-15 02:12 AM
Total number of security vulnerabilities: 9647