K000139353 : aiohttp vulnerability CVE-2024-23334
Security Advisory Description aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to...
7.5CVSS
7.3AI Score
0.052EPSS
Mitsubishi MELSEC iQ-F Series Insufficient Resource Pool (CVE-2023-7033)
Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote attacker to cause a temporary Denial of Service condition for a certain period of time in Ethernet communication of the products by performing TCP SYN...
5.3CVSS
5.3AI Score
0.0004EPSS
IPv6 enabled on IPv4-only network interfaces
In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access,...
4.7CVSS
6.9AI Score
0.0004EPSS
IPv6 enabled on IPv4-only network interfaces
In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access,...
4.7CVSS
6.9AI Score
0.0004EPSS
Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation?
If you're a regular reader of this newsletter, you already know about how strongly I feel about the dangers of spreading fake news, disinformation and misinformation. And honestly, if you're reading this newsletter, I probably shouldn't have to tell you about that either. But one of the things...
7.8AI Score
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...
6AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...
5.8AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall...
5.8AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall...
6AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall...
6AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall...
5.8AI Score
0.0004EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
PAN-OS CVE-2024-3400 Check Overview **[FOR INTERNAL USE...
10CVSS
7.5AI Score
0.957EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 219 vulnerabilities disclosed in 209...
8.8AI Score
EPSS
Mitsubishi Electric MELSEC iQ-R Series (Update B)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-R Series CPU Module Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...
9.1CVSS
7.5AI Score
0.003EPSS
Mitsubishi Electric MELSEC iQ-R Series (Update B)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-R Series CPU Module Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Insufficiently Protected Credentials, Overly Restrictive Account.....
9.1CVSS
7.4AI Score
0.004EPSS
New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks
A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is "notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android.....
7AI Score
10CVSS
10AI Score
0.957EPSS
K000139340 : Apache Tomcat vulnerability CVE-2024-22029
Security Advisory Description A flaw was found in the Tomcat package of OpenSUSE and derived distributions. This issue occurs due to incorrect permissions and a race condition in the %post section of the Tomcat RPM package, resulting in local privilege escalation when the Tomcat package is...
7AI Score
EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...
6AI Score
0.0004EPSS
The Windows Registry Adventure #1: Introduction and research results
Posted by Mateusz Jurczyk, Google Project Zero In the 20-month period between May 2022 and December 2023, I thoroughly audited the Windows Registry in search of local privilege escalation bugs. It all started unexpectedly: I was in the process of developing a coverage-based Windows kernel fuzzer...
7.8CVSS
8.3AI Score
0.049EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall...
6AI Score
0.0004EPSS
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall...
6AI Score
0.0004EPSS
The Windows Registry Adventure #2: A brief history of the feature
Posted by Mateusz Jurczyk, Google Project Zero Before diving into the low-level security aspects of the registry, it is important to understand its role in the operating system and a bit of history behind it. In essence, the registry is a hierarchical database made of named "keys" and "values",...
6.3AI Score
Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400)
By Cyber Newswire Zero Knowledge Networking vendor shrugs off firewall flaw! This is a post from HackRead.com Read the original post: Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability...
10CVSS
9.7AI Score
0.957EPSS
🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 24th, 2024, during our second Bug Bounty...
8.8CVSS
8AI Score
0.0004EPSS
OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal
During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may be used as lures to infect organizations. The results of the investigation have shown that the...
7AI Score
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL...
9.8CVSS
10AI Score
0.711EPSS
Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services
Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024. "These attacks all appear to be originating from TOR exit nodes and.....
8.8CVSS
9.1AI Score
0.069EPSS
[SECURITY] Fedora 39 Update: wireshark-4.0.14-1.fc39
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...
7.8CVSS
7AI Score
0.0004EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
Cyberspace Mapping Dork Fofa ```...
10CVSS
9.9AI Score
0.957EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
Cyberspace Mapping Dork Fofa ```...
10CVSS
9.9AI Score
0.957EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
Cyberspace Mapping Dork Fofa ```...
10CVSS
7.3AI Score
0.957EPSS
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials
Cisco Talos would like to acknowledge Anna Bennett and Brandon White of Cisco Talos and Phillip Schafer, Mike Moran, and Becca Lynch of the Duo Security Research team for their research that led to the identification of these attacks. Cisco Talos is actively monitoring a global increase in...
7.6AI Score
github.com/edgelesssys/constellation is vulnerable to Firewall Bypass. The vulnerability is due to the world configuration which does not prevent unauthorized access to entities inside the cloud VPC to directly reach pods using their internal IP...
7AI Score
Exploit for Command Injection in Paloaltonetworks Pan-Os
PAN-OS Firewall Command Injection Vulnerability This...
10CVSS
10AI Score
0.957EPSS
Request smuggling leading to endpoint restriction bypass in Gunicorn
Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's...
7.5CVSS
7.4AI Score
0.0004EPSS
Request smuggling leading to endpoint restriction bypass in Gunicorn
Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's...
7.5CVSS
7.4AI Score
0.0004EPSS
Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python Backdoor
By Deeba Ahmed Firewall on fire! This is a post from HackRead.com Read the original post: Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python...
10CVSS
7.3AI Score
0.957EPSS
Constallation has pods exposed to peers in VPC
Impact Cilium allows outside actors (world entity) to directly access pods with their internal pod IP, even if they are not exposed explicitly (e.g. via LoadBalancer). A pod that does not authenticate clients and that does not exclude world traffic via network policy may leak sensitive data to an.....
6.8AI Score
Constallation has pods exposed to peers in VPC
Impact Cilium allows outside actors (world entity) to directly access pods with their internal pod IP, even if they are not exposed explicitly (e.g. via LoadBalancer). A pod that does not authenticate clients and that does not exclude world traffic via network policy may leak sensitive data to an.....
6.8AI Score
🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On March 25th, 2024, during our second Bug Bounty Extravaganza,.....
9.8CVSS
8.5AI Score
0.012EPSS
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft. This POC code is built for using this new BITB with Evilginx, and a Microsoft Enterprise phishlet. Before diving deep into this, I.....
6.7AI Score
Using the LockBit builder to generate targeted ransomware
The previous Kaspersky research focused on a detailed analysis of the LockBit 3.0 builder leaked in 2022. Since then, attackers have been able to generate customized versions of the threat according to their needs. This opens up numerous possibilities for malicious actors to make their attacks...
7.8AI Score
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in the GlobalProtect feature...
10CVSS
9.7AI Score
0.957EPSS
Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking
This tool compilation is carefully crafted with the purpose of being useful both for the beginners and veterans from the malware analysis world. It has also proven useful for people trying their luck at the cracking underworld. It's the ideal complement to be used with the manuals from the site,...
7.2AI Score
How Israel Defended Against Iran's Drone and Missile Attack
The Iron Dome, US allies, and long-range interceptor missiles all came into...
7.4AI Score
On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. A patch is expected to be available on April 14th. The advisory from Palo Alto.....
10CVSS
10AI Score
0.957EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
This repo contains a script to set up the safe environment for...
10CVSS
9.8AI Score
0.957EPSS
10CVSS
9.9AI Score
0.957EPSS
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company's Unit 42 division is tracking the activity under the name Operation...
10CVSS
9.9AI Score
0.957EPSS