Lucene search

K

Plug'n Play Firewall Security Vulnerabilities

trellix
trellix

SuperSize Me

SuperSize Me By Floser Bacurio Jr., Bernadette Canubas, Michaelo Oliveros · April 02, 2024 Introduction Cyber attackers are always finding new ways to outsmart security systems and distribute malware effectively. We discovered an interesting detection evasion technique of delivering archive files.....

7.2AI Score

2024-04-02 12:00 AM
20
malwarebytes
malwarebytes

Free VPN apps turn Android phones into criminal proxies

Researchers at HUMAN’s Satori Threat Intelligence have discovered a disturbing number of VPN apps that turn users' devices into proxies for cybercriminals without their knowledge, as part of a camapign called PROXYLIB. Cybercriminals and state actors like to send their traffic through other...

7.5AI Score

2024-04-01 05:58 PM
12
cve
cve

CVE-2024-3128

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown processing of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup...

2.4CVSS

6.5AI Score

0.0004EPSS

2024-04-01 03:16 PM
23
nvd
nvd

CVE-2024-3128

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown processing of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup...

2.4CVSS

3.6AI Score

0.0004EPSS

2024-04-01 03:16 PM
wordfence
wordfence

Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WP-Members Membership Plugin – $500 Bounty Awarded

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 21st, 2024, during our second Bug Bounty Extravaganza,.....

7.2CVSS

6.2AI Score

0.0004EPSS

2024-04-01 03:03 PM
8
cvelist
cvelist

CVE-2024-3128 Replify-Messenger Backup File androidmanifest.xml backup

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown processing of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup...

2.4CVSS

4AI Score

0.0004EPSS

2024-04-01 02:31 PM
thn
thn

Detecting Windows-based Malware Through Better Visibility

Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national...

7AI Score

2024-04-01 11:20 AM
22
thn
thn

Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VPN apps came fitted....

7AI Score

2024-04-01 10:10 AM
28
thn
thn

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. "Vultur has also started masquerading more of its...

7.7AI Score

2024-04-01 06:04 AM
33
nessus
nessus

Amazon Linux 2 : squid (ALAS-2024-2509)

The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2509 advisory. An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext....

9.3CVSS

7.9AI Score

0.034EPSS

2024-04-01 12:00 AM
9
f5
f5

K000139140 : util-linux vulnerability CVE-2024-28085

Security Advisory Description wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not...

7AI Score

0.0005EPSS

2024-04-01 12:00 AM
18
f5
f5

K000139141 : liblzma vulnerability CVE-2024-3094

Security Advisory Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to....

10CVSS

9.3AI Score

0.133EPSS

2024-04-01 12:00 AM
39
cve
cve

CVE-2024-2086

The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple...

10CVSS

8.9AI Score

0.0004EPSS

2024-03-30 05:15 AM
36
nvd
nvd

CVE-2024-2086

The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple...

10CVSS

9.1AI Score

0.0004EPSS

2024-03-30 05:15 AM
vulnrichment
vulnrichment

CVE-2024-2086

The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple...

10CVSS

6.5AI Score

0.0004EPSS

2024-03-30 04:31 AM
cvelist
cvelist

CVE-2024-2086

The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple...

10CVSS

9.2AI Score

0.0004EPSS

2024-03-30 04:31 AM
nvd
nvd

CVE-2024-30468

Cross-Site Request Forgery (CSRF) vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall.This issue affects All In One WP Security & Firewall: from n/a through...

4.3CVSS

4.6AI Score

0.0004EPSS

2024-03-29 05:15 PM
1
cve
cve

CVE-2024-30468

Cross-Site Request Forgery (CSRF) vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall.This issue affects All In One WP Security & Firewall: from n/a through...

4.3CVSS

6.8AI Score

0.0004EPSS

2024-03-29 05:15 PM
32
cvelist
cvelist

CVE-2024-30468 WordPress All-In-One Security (AIOS) – Security and Firewall plugin <= 5.2.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall.This issue affects All In One WP Security & Firewall: from n/a through...

4.3CVSS

5AI Score

0.0004EPSS

2024-03-29 04:20 PM
thn
thn

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots...

7.5AI Score

2024-03-29 12:12 PM
25
f5
f5

K000139092 : DNS vulnerability CVE-2023-50387

Security Advisory Description Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a...

7.5CVSS

7.7AI Score

0.05EPSS

2024-03-29 12:00 AM
31
wpvulndb
wpvulndb

Integrate Google Drive < 1.3.9 - Missing Authorization to Unauthenticated Settings Modification and Export

Description The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on....

10CVSS

6.4AI Score

0.0004EPSS

2024-03-29 12:00 AM
4
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 18, 2024 to March 24, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 94 vulnerabilities disclosed in 81 WordPress.....

9.9CVSS

9.4AI Score

0.001EPSS

2024-03-28 03:35 PM
24
f5
f5

K000139084 : DNS vulnerability CVE-2023-50868

Security Advisory Description The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3"...

7.6AI Score

0.0005EPSS

2024-03-28 12:00 AM
28
ibm
ibm

Security Bulletin: IBM Planning Analytics Workspace has addressed multiple vulnerabilities

Summary IBM Planning Analytics Workspace is considered vulnerable to a Malicious File Upload vulnerability which could allow a privileged user to upload malicious files that can be automatically processed within the product (CVE-2023-42017). This vulnerability has been addressed. IBM Planning...

9.8CVSS

10AI Score

EPSS

2024-03-27 08:31 PM
47
ibm
ibm

Security Bulletin: IBM DevOps Release 7.0.0.1 addresses multiple vulnerabilities.

Summary IBM DevOps Release 7.0.0.1 addresses multiple vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-21733 DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the leaking of unrelated request bodies in default error page. By sending a...

7.5CVSS

7.5AI Score

0.007EPSS

2024-03-27 05:25 PM
18
ibm
ibm

Security Bulletin: IBM DevOps Build 7.0.0.1 addresses multiple vulnerabilities.

Summary IBM DevOps Build 7.0.0.1 addresses multiple vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-21733 DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the leaking of unrelated request bodies in default error page. By sending a...

7.5CVSS

7.5AI Score

0.007EPSS

2024-03-27 05:19 PM
10
ibm
ibm

Security Bulletin: Multiple Vulnerabilities in IBM Operations Analytics Predictive Insights.

Summary Multiple vulnerabilities were addressed in IBM Operations Analytics Predictive Insights 1.3.6 iFix 8 Vulnerability Details ** CVEID: CVE-2022-46337 DESCRIPTION: **Apache Derby could allow a remote attacker to bypass security restrictions, caused by a LDAP injection vulnerability in...

9.8CVSS

8.6AI Score

0.186EPSS

2024-03-27 03:37 PM
12
thn
thn

SASE Solutions Fall Short Without Enterprise Browser Extensions, New Report Reveals

As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance. However, a new...

7.4AI Score

2024-03-27 10:56 AM
15
veracode
veracode

Firewall Bypass

github.com/chirpstack/chirpstack-gateway-bridge/ is vulnerable to Firewall Bypass. The vulnerability is due to the firewall accepting specific TCP packets outside the ESTABLISHED connection...

6.8AI Score

0.0004EPSS

2024-03-27 07:52 AM
4
fedora
fedora

[SECURITY] Fedora 40 Update: netavark-1.10.3-3.fc40

OCI network stack Netavark is a rust based network stack for containers. It is being designed to work with Podman but is also applicable for other OCI container management applications. Netavark is a tool for configuring networking for Linux containers. Its features include: * Configuration of...

8.6CVSS

8.7AI Score

0.0005EPSS

2024-03-27 12:15 AM
12
openvas
openvas

Fedora: Security Advisory for netavark (FEDORA-2024-a267e93f8c)

The remote host is missing an update for...

8.6CVSS

8.7AI Score

0.0005EPSS

2024-03-27 12:00 AM
5
f5
f5

K000139064 : Apache vulnerabilities CVE-2009-2299, CVE-2012-3526, CVE-2012-4001, and CVE-2012-4360

Security Advisory Description CVE-2009-2299 The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via...

6.6AI Score

0.038EPSS

2024-03-27 12:00 AM
8
thn
thn

Crafting Shields: Defending Minecraft Servers Against DDoS Attacks

Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game's reputation. Despite the prevalence of DDoS attacks on the game, the...

7.2AI Score

2024-03-26 11:29 AM
19
f5
f5

K000139043 : Apache Struts vulnerabilities CVE-2016-4430, CVE-2016-4431, and CVE-2016-4433

Security Advisory Description CVE-2016-4430 Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. CVE-2016-4431 Apache Struts 2 2.3.20 through 2.3.28.1 allows remote...

8.8CVSS

7.4AI Score

0.009EPSS

2024-03-26 12:00 AM
8
f5
f5

K000139044 : Apache httpd vulnerabilities CVE-2011-1176, CVE-2011-2688, CVE-2013-0942, CVE-2013-2765, and CVE-2013-4365

Security Advisory Description CVE-2011-1176 The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which...

8.6AI Score

0.018EPSS

2024-03-26 12:00 AM
20
f5
f5

K000139026 : NTP vulnerability CVE-2009-3563

Security Advisory Description ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE.....

6.9AI Score

0.965EPSS

2024-03-25 12:00 AM
7
openvas
openvas

Fedora: Security Advisory for wireshark (FEDORA-2024-4115ab9959)

The remote host is missing an update for...

7.1AI Score

0.0004EPSS

2024-03-25 12:00 AM
1
fedora
fedora

[SECURITY] Fedora 40 Update: wireshark-4.2.3-1.fc40

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

6.7AI Score

0.0004EPSS

2024-03-23 12:48 AM
4
f5
f5

K000138990 : BIND vulnerability CVE-2023-4408

Security Advisory Description The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this....

7.5CVSS

7.2AI Score

0.001EPSS

2024-03-23 12:00 AM
23
ibm
ibm

Security Bulletin: Vulnerabilities in Apache Tomcat, Apache Commons FileUpload and Apache Axis might affect IBM Storage Copy Data Management

Summary IBM Storage Copy Data Management can be affected by vulnerabilities in Apache Tomcat, Apache Commons FileUpload, and Apache Axis. A remote attacker could exploit these vulnerabilities to cause a denial of service condition, to obtain a session cookie, sensitive and Http11Processor instance....

8.6CVSS

9.9AI Score

0.034EPSS

2024-03-22 04:05 PM
9
osv
osv

Cross-site Scripting in Moodle Chat

The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...

6.5AI Score

0.0004EPSS

2024-03-22 03:31 PM
12
github
github

Cross-site Scripting in Moodle Chat

The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...

6.5AI Score

0.0004EPSS

2024-03-22 03:31 PM
11
cve
cve

CVE-2024-28593

The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...

6.4AI Score

0.0004EPSS

2024-03-22 03:15 PM
36
nvd
nvd

CVE-2024-28593

The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...

6.2AI Score

0.0004EPSS

2024-03-22 03:15 PM
thn
thn

Implementing Zero Trust Controls for Compliance

The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network...

7.1AI Score

2024-03-22 11:28 AM
22
cvelist
cvelist

CVE-2024-28593

The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...

6.4AI Score

0.0004EPSS

2024-03-22 12:00 AM
f5
f5

K000138989 : BIND vulnerability CVE-2023-5517

Security Advisory Description A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response....

7.5CVSS

7.3AI Score

0.001EPSS

2024-03-22 12:00 AM
7
f5
f5

K000138991 : BIND vulnerability CVE-2023-6516

Security Advisory Description To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is...

7.5CVSS

7AI Score

0.001EPSS

2024-03-22 12:00 AM
7
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 11, 2024 to March 17, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 163 vulnerabilities disclosed in 126...

10CVSS

10AI Score

0.001EPSS

2024-03-21 03:55 PM
40
Total number of security vulnerabilities51221