Lucene search

K

Plug'n Play Firewall Security Vulnerabilities

impervablog
impervablog

Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware

Introduction Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...

10CVSS

8AI Score

EPSS

2024-06-10 06:05 PM
25
impervablog
impervablog

A European Summer of Sports is Upon Us – What Does it Mean for Security?

The recent Champions League final in London (congratulations, Real Madrid!) marked the opening shot to a hot European summer of major sporting events. We now approach the highly anticipated UEFA EURO 2024 football tournament in Germany and the Olympic Games in Paris 2024. And as we do, bad actors.....

7AI Score

2024-06-10 01:00 PM
13
thn
thn

Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers

Microsoft is warning about the potential abuse of Azure Service Tags by malicious actors to forge requests from a trusted service and get around firewall rules, thereby allowing them to gain unauthorized access to cloud resources. "This case does highlight an inherent risk in using service tags as....

7.9AI Score

2024-06-10 11:20 AM
2
cve
cve

CVE-2024-5773

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /protocol/firewall/deletemacbind.php. The manipulation of the argument messagecontent leads to sql injection. It is possible to launch the.....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-06-09 03:15 AM
28
nvd
nvd

CVE-2024-5773

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /protocol/firewall/deletemacbind.php. The manipulation of the argument messagecontent leads to sql injection. It is possible to launch the.....

6.3CVSS

0.0004EPSS

2024-06-09 03:15 AM
1
cvelist
cvelist

CVE-2024-5773 Netentsec NS-ASG Application Security Gateway deletemacbind.php sql injection

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /protocol/firewall/deletemacbind.php. The manipulation of the argument messagecontent leads to sql injection. It is possible to launch the.....

6.3CVSS

0.0004EPSS

2024-06-09 03:00 AM
vulnrichment
vulnrichment

CVE-2024-5773 Netentsec NS-ASG Application Security Gateway deletemacbind.php sql injection

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /protocol/firewall/deletemacbind.php. The manipulation of the argument messagecontent leads to sql injection. It is possible to launch the.....

6.3CVSS

7.2AI Score

0.0004EPSS

2024-06-09 03:00 AM
qualysblog
qualysblog

Check Point Security Gateway Information Disclosure Vulnerability (CVE-2024-24919)

Check Point Security Gateway is a secure web gateway that is an on-premises or cloud-delivered network security service. Check Point enforces network security policies, including firewall, VPN, and intrusion prevention capabilities. Check Point published a zero-day advisory on May 28, 2024,...

8.6CVSS

8.7AI Score

0.945EPSS

2024-06-07 11:10 PM
8
impervablog
impervablog

Imperva Protects Against Critical PHP Vulnerability CVE-2024-4577

In the ever-evolving landscape of cybersecurity, staying ahead of vulnerabilities is crucial for safeguarding sensitive information and maintaining the integrity of digital assets. Recently, a critical vulnerability– identified as CVE-2024-4577 with an initial CVSS score of 9.8 – was discovered in....

9.8CVSS

10AI Score

0.967EPSS

2024-06-07 04:33 PM
13
malwarebytes
malwarebytes

Google will start deleting location history

Google announced that it will reduce the amount of personal data it is storing by automatically deleting old data from "Timeline"—the feature that, previously named "Location History," tracks user routes and trips based on a phone’s location, allowing people to revisit all the places they've been.....

6.7AI Score

2024-06-07 04:26 PM
5
ibm
ibm

Security Bulletin: IBM Security Guardium is affected by vulnerabilities in Tomcat (CVE-2023-45648, CVE-2023-42795, CVE-2023-42794)

Summary IBM Security Guardium has addressed these vulnerabilities with an update. Vulnerability Details ** CVEID: CVE-2023-45648 DESCRIPTION: **Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP trailer headers. By sending a specially crafted invalid trailer.....

5.9CVSS

7.5AI Score

0.01EPSS

2024-06-07 03:03 PM
11
thn
thn

The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash

Google is urging third-party Android app developers to incorporate generative artificial intelligence (GenAI) features in a responsible manner. The new guidance from the search and advertising giant is an effort to combat problematic content, including sexual content and hate speech, created...

7.2AI Score

2024-06-07 11:07 AM
3
thn
thn

FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims

The U.S. Federal Bureau of Investigation (FBI) has disclosed that it's in possession of more than 7,000 decryption keys associated with the LockBit ransomware operation to help victims get their data back at no cost. "We are reaching out to known LockBit victims and encouraging anyone who suspects....

7.7AI Score

2024-06-07 07:48 AM
3
ibm
ibm

Security Bulletin: IBM Maximo Application Suite uses gunicorn-21.2.0-py3-none-any.whl which is vulnerable to CVE-2024-1135.

Summary IBM Maximo Application Suite uses gunicorn-21.2.0-py3-none-any.whl which is vulnerable to CVE-2024-1135. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-1135 DESCRIPTION: **Gunicorn is vulnerable to HTTP request...

7.5CVSS

7.3AI Score

0.0004EPSS

2024-06-07 06:46 AM
f5
f5

K000139953: PHP vulnerability CVE-2024-4577

Security Advisory Description In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API...

9.8CVSS

9.5AI Score

0.967EPSS

2024-06-07 12:00 AM
37
openvas
openvas

Fedora: Security Advisory for wireshark (FEDORA-2024-cd1f01e5d9)

The remote host is missing an update for...

6.4CVSS

4.8AI Score

0.0004EPSS

2024-06-07 12:00 AM
openvas
openvas

Fedora: Security Advisory for wireshark (FEDORA-2024-ed93e6d44f)

The remote host is missing an update for...

6.4CVSS

4.8AI Score

0.0004EPSS

2024-06-07 12:00 AM
2
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 27, 2024 to June 2, 2024)

_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

10CVSS

9.6AI Score

EPSS

2024-06-06 03:09 PM
13
f5
f5

K000139922: Open vSwitch vulnerabilities CVE-2023-3966 and CVE-2023-5366

Security Advisory Description CVE-2023-3966 A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is...

7.5CVSS

7.1AI Score

0.0004EPSS

2024-06-06 12:00 AM
7
redos
redos

ROS-20240606-07

Vulnerability in the MULTIPART_PART_HEADERS component of the open source web application firewall ModSecurity is related to improper analysis of HTTP requests. Exploitation of the vulnerability could allow an an attacker acting remotely to bypass the firewall's...

7.5CVSS

6.7AI Score

0.002EPSS

2024-06-06 12:00 AM
3
wordfence
wordfence

40,000 WordPress Sites affected by Vulnerability That Leads to Privilege Escalation in Login/Signup Popup WordPress Plugin

📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the.....

8.8CVSS

8.5AI Score

0.001EPSS

2024-06-05 03:01 PM
6
ibm
ibm

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to XSS attacks due to [CVE-2024-1135]

Summary Gunicorn is used by IBM App Connect Enterprise Certified Container by the mapping assistance component. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to XSS attacks. This bulletin provides patch information to address...

7.5CVSS

7.3AI Score

0.0004EPSS

2024-06-05 02:58 PM
talosblog
talosblog

DarkGate switches up its tactics with new payload, email templates

This post was authored by Kalpesh Mantri. Cisco Talos is actively tracking a recent increase in activity from malicious email campaigns containing a suspicious Microsoft Excel attachment that, when opened, infected the victim's system with the DarkGate malware. These campaigns, active since the...

7.9AI Score

2024-06-05 12:00 PM
5
thn
thn

Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide

An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops. Knight (aka Cyclops 2.0) ransomware first arrived in May 2023, employing double extortion tactics to.....

7.8AI Score

2024-06-05 10:10 AM
2
ibm
ibm

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js Vulnerability Details ** CVEID: CVE-2024-27982 DESCRIPTION: **Node.js is vulnerable to HTTP request smuggling, caused by the use of content length obfuscation in the http server. By sending specially...

8.2CVSS

6.5AI Score

0.0004EPSS

2024-06-05 01:55 AM
2
f5
f5

K000139898: PyYAML vulnerabilities CVE-2020-1747 and CVE-2020-14343

Security Advisory Description CVE-2020-1747 A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use...

9.8CVSS

7.5AI Score

0.006EPSS

2024-06-05 12:00 AM
9
wpexploit
wpexploit

Spotify Play Button <= 1.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

5.9AI Score

0.0004EPSS

2024-06-05 12:00 AM
6
f5
f5

K000139917: Libxml2 vulnerability CVE-2022-40303

Security Advisory Description An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading....

7.5CVSS

7.6AI Score

0.004EPSS

2024-06-05 12:00 AM
4
f5
f5

K000139901: PyYAML vulnerability CVE-2017-18342

Security Advisory Description In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function. (CVE-2017-18342) Impact.....

9.8CVSS

9.6AI Score

0.014EPSS

2024-06-05 12:00 AM
10
wpvulndb
wpvulndb

Spotify Play Button <= 1.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC [spotify-play...

5.7AI Score

0.0004EPSS

2024-06-05 12:00 AM
1
cve
cve

CVE-2023-52147

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects All In One WP Security & Firewall: from n/a through...

3.7CVSS

7AI Score

0.0004EPSS

2024-06-04 01:15 PM
25
nvd
nvd

CVE-2023-52147

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects All In One WP Security & Firewall: from n/a through...

3.7CVSS

4.2AI Score

0.0004EPSS

2024-06-04 01:15 PM
rapid7blog
rapid7blog

The Dreaded Network Pivot: An Attack Intelligence Story

Rapid7 recently released our 2024 Attack Intelligence Report, a 14-month deep dive into the vulnerability and attacker landscape. The spiritual successor to our annual Vulnerability Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection and response...

7.2AI Score

2024-06-04 01:00 PM
10
cvelist
cvelist

CVE-2023-52147 WordPress All-In-One Security (AIOS) plugin <= 5.2.4 - Secret Login Page Location Disclosure on Multisites vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects All In One WP Security & Firewall: from n/a through...

3.7CVSS

4.2AI Score

0.0004EPSS

2024-06-04 12:38 PM
1
ics
ics

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update C)

EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, Q, and L Series CPU Module; MELIPC Series CPU Vulnerability: Improper Resource Locking 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.5CVSS

7.9AI Score

0.003EPSS

2024-06-04 12:00 PM
33
osv
osv

BIT-hubble-2023-27595

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This can....

9.8CVSS

6.2AI Score

0.001EPSS

2024-06-04 09:45 AM
2
f5
f5

K000139897: Linux kernel vulnerability CVE-2023-42753

Security Advisory Description An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-&gt;nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer...

7.8CVSS

6.4AI Score

0.0004EPSS

2024-06-04 12:00 AM
5
qualysblog
qualysblog

PCI DSS 4.0: Get Audit-Ready for the New Requirements

The Payment Card Industry Data Security Standard (PCI DSS) originated in 2004 and is managed by the PCI Security Standards Council to ensure security for the global payment industry. This mandate applies to all entities worldwide that store, process, or transmit payment cardholder data or...

7.6AI Score

2024-06-03 05:41 PM
2
mssecure
mssecure

Microsoft is named a leader in the Forrester Wave for XDR

“Defenders think in lists, attackers think in graphs.”1 This remains a reality for the many organizations that operate across siloed security tools, fueling the demand on security operations (SOC) teams, as advanced cyberattacks continue to increase in frequency and speed. That’s where extended...

6.8AI Score

2024-06-03 04:00 PM
2
mssecure
mssecure

Microsoft is named a leader in the Forrester Wave for XDR

“Defenders think in lists, attackers think in graphs.”1 This remains a reality for the many organizations that operate across siloed security tools, fueling the demand on security operations (SOC) teams, as advanced cyberattacks continue to increase in frequency and speed. That’s where extended...

9.2AI Score

2024-06-03 04:00 PM
601
thn
thn

Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users

Cybersecurity researchers have uncovered a new suspicious package uploaded to the npm package registry that's designed to drop a remote access trojan (RAT) on compromised systems. The package in question is glup-debugger-log, which targets users of the gulp toolkit by masquerading as a "logger for....

8AI Score

2024-06-03 02:00 PM
5
ibm
ibm

Security Bulletin: Multiple vulnerabilities in eclipse jetty affect IBM Business Automation Workflow

Summary IBM Business Automation Workflow packages a vulnerable version of the eclipse jetty library. Vulnerability Details ** CVEID: CVE-2020-27216 DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the...

7.5CVSS

7.1AI Score

0.802EPSS

2024-06-03 01:36 PM
4
ibm
ibm

Security Bulletin: Gunicorn-20.1.0-py3-none-any.whl is vulnerable to CVE-2024-1135 used in IBM Maximo Application Suite - Edge Data Collector

Summary IBM Maximo Application Suite - Edge Data Collector uses Gunicorn-20.1.0-py3-none-any.whl which is vulnerable to CVE-2024-1135 Vulnerability Details ** CVEID: CVE-2024-1135 DESCRIPTION: **Gunicorn is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP...

7.5CVSS

5.3AI Score

0.0004EPSS

2024-06-03 12:13 PM
3
schneier
schneier

Seeing Like a Data Structure

Technology was once simply a tool--and a small one at that--used to amplify human intent and capacity. That was the story of the industrial revolution: we could control nature and build large, complex human societies, and the more we employed and mastered technology, the better things got. We...

6.9AI Score

2024-06-03 11:06 AM
5
ibm
ibm

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container (ACEcc) is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.18 (LTS) and 11.6.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities.....

7.1CVSS

8.9AI Score

0.003EPSS

2024-06-03 10:05 AM
4
securelist
securelist

IT threat evolution in Q1 2024. Non-mobile statistics

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data. Quarterly.....

6.9AI Score

2024-06-03 10:00 AM
6
f5
f5

K000139877: Linux kernel vulnerabilities CVE-2021-47076 and CVE-2021-47080

Security Advisory Description CVE-2021-47076 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused the following kernel panic if someone sent an atomic...

5.6AI Score

0.0004EPSS

2024-06-03 12:00 AM
5
nessus
nessus

RHEL 9 : mod_security_crs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mod_security_crs: Content-Type or Content-Transfer-Encoding MIME header fields abuse (CVE-2022-39956) ...

9.8CVSS

9.7AI Score

0.013EPSS

2024-06-03 12:00 AM
1
nessus
nessus

RHEL 8 : mod_security_crs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mod_security_crs: Content-Type or Content-Transfer-Encoding MIME header fields abuse (CVE-2022-39956) ...

9.8CVSS

7.2AI Score

0.013EPSS

2024-06-03 12:00 AM
nessus
nessus

RHEL 8 : mod_security (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall...

9.8CVSS

7.7AI Score

0.005EPSS

2024-06-03 12:00 AM
1
Total number of security vulnerabilities51221