Lucene search

K

Plug'n Play Firewall Security Vulnerabilities

f5
f5

K000139353 : aiohttp vulnerability CVE-2024-23334

Security Advisory Description aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to...

7.5CVSS

7.3AI Score

0.052EPSS

2024-04-19 12:00 AM
15
nessus
nessus

Mitsubishi MELSEC iQ-F Series Insufficient Resource Pool (CVE-2023-7033)

Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote attacker to cause a temporary Denial of Service condition for a certain period of time in Ethernet communication of the products by performing TCP SYN...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-04-19 12:00 AM
5
github
github

IPv6 enabled on IPv4-only network interfaces

In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access,...

4.7CVSS

6.9AI Score

0.0004EPSS

2024-04-18 09:52 PM
5
osv
osv

IPv6 enabled on IPv4-only network interfaces

In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access,...

4.7CVSS

6.9AI Score

0.0004EPSS

2024-04-18 09:52 PM
6
talosblog
talosblog

Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation?

If you're a regular reader of this newsletter, you already know about how strongly I feel about the dangers of spreading fake news, disinformation and misinformation. And honestly, if you're reading this newsletter, I probably shouldn't have to tell you about that either. But one of the things...

7.8AI Score

2024-04-18 06:00 PM
10
cve
cve

CVE-2024-32334

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...

6AI Score

0.0004EPSS

2024-04-18 05:15 PM
24
nvd
nvd

CVE-2024-32334

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...

5.8AI Score

0.0004EPSS

2024-04-18 05:15 PM
nvd
nvd

CVE-2024-32327

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall...

5.8AI Score

0.0004EPSS

2024-04-18 05:15 PM
cve
cve

CVE-2024-32333

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall...

6AI Score

0.0004EPSS

2024-04-18 05:15 PM
24
cve
cve

CVE-2024-32327

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall...

6AI Score

0.0004EPSS

2024-04-18 05:15 PM
24
nvd
nvd

CVE-2024-32333

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall...

5.8AI Score

0.0004EPSS

2024-04-18 05:15 PM
githubexploit
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

PAN-OS CVE-2024-3400 Check Overview **[FOR INTERNAL USE...

10CVSS

7.5AI Score

0.957EPSS

2024-04-18 04:45 PM
164
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 219 vulnerabilities disclosed in 209...

8.8AI Score

EPSS

2024-04-18 03:58 PM
26
ics
ics

Mitsubishi Electric MELSEC iQ-R Series (Update B)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-R Series CPU Module Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...

9.1CVSS

7.5AI Score

0.003EPSS

2024-04-18 12:00 PM
23
ics
ics

Mitsubishi Electric MELSEC iQ-R Series (Update B)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-R Series CPU Module Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Insufficiently Protected Credentials, Overly Restrictive Account.....

9.1CVSS

7.4AI Score

0.004EPSS

2024-04-18 12:00 PM
21
thn
thn

New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks

A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is "notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android.....

7AI Score

2024-04-18 10:31 AM
35
githubexploit

10CVSS

10AI Score

0.957EPSS

2024-04-18 10:16 AM
160
f5
f5

K000139340 : Apache Tomcat vulnerability CVE-2024-22029

Security Advisory Description A flaw was found in the Tomcat package of OpenSUSE and derived distributions. This issue occurs due to incorrect permissions and a race condition in the %post section of the Tomcat RPM package, resulting in local privilege escalation when the Tomcat package is...

7AI Score

EPSS

2024-04-18 12:00 AM
12
cvelist
cvelist

CVE-2024-32334

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...

6AI Score

0.0004EPSS

2024-04-18 12:00 AM
googleprojectzero
googleprojectzero

The Windows Registry Adventure #1: Introduction and research results

Posted by Mateusz Jurczyk, Google Project Zero In the 20-month period between May 2022 and December 2023, I thoroughly audited the Windows Registry in search of local privilege escalation bugs. It all started unexpectedly: I was in the process of developing a coverage-based Windows kernel fuzzer...

7.8CVSS

8.3AI Score

0.049EPSS

2024-04-18 12:00 AM
12
cvelist
cvelist

CVE-2024-32327

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall...

6AI Score

0.0004EPSS

2024-04-18 12:00 AM
cvelist
cvelist

CVE-2024-32333

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall...

6AI Score

0.0004EPSS

2024-04-18 12:00 AM
googleprojectzero
googleprojectzero

The Windows Registry Adventure #2: A brief history of the feature

Posted by Mateusz Jurczyk, Google Project Zero Before diving into the low-level security aspects of the registry, it is important to understand its role in the operating system and a bit of history behind it. In essence, the registry is a hierarchical database made of named "keys" and "values",...

6.3AI Score

2024-04-18 12:00 AM
4
hackread
hackread

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400)

By Cyber Newswire Zero Knowledge Networking vendor shrugs off firewall flaw! This is a post from HackRead.com Read the original post: Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability...

10CVSS

9.7AI Score

0.957EPSS

2024-04-17 04:20 PM
26
wordfence
wordfence

$400 Bounty Awarded for SQL Injection Vulnerability Patched in WP Activity Log Premium WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 24th, 2024, during our second Bug Bounty...

8.8CVSS

8AI Score

0.0004EPSS

2024-04-17 03:03 PM
5
talosblog
talosblog

OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal

During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may be used as lures to infect organizations. The results of the investigation have shown that the...

7AI Score

2024-04-17 11:59 AM
9
thn
thn

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL...

9.8CVSS

10AI Score

0.711EPSS

2024-04-17 10:23 AM
26
thn
thn

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024. "These attacks all appear to be originating from TOR exit nodes and.....

8.8CVSS

9.1AI Score

0.069EPSS

2024-04-17 08:38 AM
24
fedora
fedora

[SECURITY] Fedora 39 Update: wireshark-4.0.14-1.fc39

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

7.8CVSS

7AI Score

0.0004EPSS

2024-04-17 02:19 AM
5
githubexploit
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

Cyberspace Mapping Dork Fofa ```...

10CVSS

9.9AI Score

0.957EPSS

2024-04-16 04:18 PM
57
githubexploit
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

Cyberspace Mapping Dork Fofa ```...

10CVSS

9.9AI Score

0.957EPSS

2024-04-16 04:18 PM
79
githubexploit
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

Cyberspace Mapping Dork Fofa ```...

10CVSS

7.3AI Score

0.957EPSS

2024-04-16 04:18 PM
35
talosblog
talosblog

Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials

Cisco Talos would like to acknowledge Anna Bennett and Brandon White of Cisco Talos and Phillip Schafer, Mike Moran, and Becca Lynch of the Duo Security Research team for their research that led to the identification of these attacks. Cisco Talos is actively monitoring a global increase in...

7.6AI Score

2024-04-16 12:00 PM
16
veracode
veracode

Firewall Bypass

github.com/edgelesssys/constellation is vulnerable to Firewall Bypass. The vulnerability is due to the world configuration which does not prevent unauthorized access to entities inside the cloud VPC to directly reach pods using their internal IP...

7AI Score

2024-04-16 09:21 AM
2
githubexploit
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

PAN-OS Firewall Command Injection Vulnerability This...

10CVSS

10AI Score

0.957EPSS

2024-04-16 07:31 AM
79
osv
osv

Request smuggling leading to endpoint restriction bypass in Gunicorn

Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-04-16 12:30 AM
79
github
github

Request smuggling leading to endpoint restriction bypass in Gunicorn

Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-04-16 12:30 AM
34
hackread
hackread

Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python Backdoor

By Deeba Ahmed Firewall on fire! This is a post from HackRead.com Read the original post: Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python...

10CVSS

7.3AI Score

0.957EPSS

2024-04-15 06:29 PM
32
osv
osv

Constallation has pods exposed to peers in VPC

Impact Cilium allows outside actors (world entity) to directly access pods with their internal pod IP, even if they are not exposed explicitly (e.g. via LoadBalancer). A pod that does not authenticate clients and that does not exclude world traffic via network policy may leak sensitive data to an.....

6.8AI Score

2024-04-15 06:13 PM
5
github
github

Constallation has pods exposed to peers in VPC

Impact Cilium allows outside actors (world entity) to directly access pods with their internal pod IP, even if they are not exposed explicitly (e.g. via LoadBalancer). A pod that does not authenticate clients and that does not exclude world traffic via network policy may leak sensitive data to an.....

6.8AI Score

2024-04-15 06:13 PM
5
wordfence
wordfence

$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On March 25th, 2024, during our second Bug Bounty Extravaganza,.....

9.8CVSS

8.5AI Score

0.012EPSS

2024-04-15 03:00 PM
22
kitploit
kitploit

Frameless-Bitb - A New Approach To Browser In The Browser (BITB) Without The Use Of Iframes, Allowing The Bypass Of Traditional Framebusters Implemented By Login Pages Like Microsoft And The Use With Evilginx

A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft. This POC code is built for using this new BITB with Evilginx, and a Microsoft Enterprise phishlet. Before diving deep into this, I.....

6.7AI Score

2024-04-15 12:30 PM
20
securelist
securelist

Using the LockBit builder to generate targeted ransomware

The previous Kaspersky research focused on a detailed analysis of the LockBit 3.0 builder leaked in 2022. Since then, attackers have been able to generate customized versions of the threat according to their needs. This opens up numerous possibilities for malicious actors to make their attacks...

7.8AI Score

2024-04-15 10:00 AM
12
thn
thn

Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in the GlobalProtect feature...

10CVSS

9.7AI Score

0.957EPSS

2024-04-15 08:17 AM
21
kitploit
kitploit

Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking

This tool compilation is carefully crafted with the purpose of being useful both for the beginners and veterans from the malware analysis world. It has also proven useful for people trying their luck at the cracking underworld. It's the ideal complement to be used with the manuals from the site,...

7.2AI Score

2024-04-14 09:24 PM
10
wired
wired

How Israel Defended Against Iran's Drone and Missile Attack

The Iron Dome, US allies, and long-range interceptor missiles all came into...

7.4AI Score

2024-04-14 01:01 AM
5
wallarmlab
wallarmlab

How to track and stop CVE-2024-3400: Palo Alto Networks API Exploit Causing Critical Infrastructure and Enterprise Epidemics

On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. A patch is expected to be available on April 14th. The advisory from Palo Alto.....

10CVSS

10AI Score

0.957EPSS

2024-04-13 09:57 PM
59
githubexploit
githubexploit

Exploit for Command Injection in Paloaltonetworks Pan-Os

This repo contains a script to set up the safe environment for...

10CVSS

9.8AI Score

0.957EPSS

2024-04-13 11:55 AM
136
githubexploit
githubexploit

Exploit for CVE-2024-3400

CVE-2024-3400 Vulnerability Checker Description...

10CVSS

9.9AI Score

0.957EPSS

2024-04-13 11:06 AM
179
thn
thn

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company's Unit 42 division is tracking the activity under the name Operation...

10CVSS

9.9AI Score

0.957EPSS

2024-04-13 08:25 AM
66
Total number of security vulnerabilities51221