K000137871 : Linux kernel vulnerability CVE-2023-35001
Security Advisory Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace (CVE-2023-35001) Impact This vulnerability may allow an authenticated attacker with local access to...
7.8CVSS
6.7AI Score
0.0005EPSS
K000137887 : Oracle GraalVM vulnerability CVE-2023-22091
Security Advisory Description Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3......
4.8CVSS
5.6AI Score
0.001EPSS
K000137875 : PostGreSQL vulnerability CVE-2018-1058
Security Advisory Description A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected....
8.8CVSS
6.7AI Score
0.005EPSS
Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...
8.8CVSS
6.7AI Score
0.001EPSS
Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...
8.8CVSS
8.7AI Score
0.001EPSS
Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...
8.8CVSS
0.001EPSS
Cross site request forgery (csrf)
Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...
8.8CVSS
6.9AI Score
0.001EPSS
CVE-2023-49805 Uptime Kuma Missing Origin Validation in WebSockets
Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, the application uses WebSocket (with Socket.io), but it does not verify that the source of communication is valid. This allows third-party website to access the application on behalf of their client. When...
6CVSS
8.9AI Score
0.001EPSS
At Rapid7, our Customer Advisors play a pivotal role at ensuring our customers understand their threat landscape – and feel confident in their security programs. By collaborating across various internal teams, strengthening customer relationships, and proactively seeking solutions and advocating...
6.7AI Score
Critical Unauthenticated Remote Code Execution Found in Backup Migration Plugin
Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! The researcher who reported this vulnerability was awarded $2,751.00! Register as a...
9.8CVSS
9.4AI Score
0.935EPSS
Cisco Talos recently discovered a new campaign conducted by the Lazarus Group we're calling "Operation Blacksmith," employing at least three new DLang-based malware families, two of which are remote access trojans (RATs), where one of these uses Telegram bots and channels as a medium of command...
10CVSS
10AI Score
0.976EPSS
Douglas-042 - Powershell Script To Help Speed Up Threat Hunting Incident Response Processes
DOUGLAS-042 stands as an ingenious embodiment of a PowerShell script meticulously designed to expedite the triage process and facilitate the meticulous collection of crucial evidence derived from both forensic artifacts and the ephemeral landscape of volatile data. Its fundamental mission revolves....
7.1AI Score
SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users
Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. "Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans...
7.1AI Score
Insights into your unpatched vulnerabilities
Every day, nearly 70 brand-new vulnerabilities are discovered in software products around the world. That’s almost 25,550 new problems each year, of which roughly 4,250 (or every one-in-six) will be classified as “critical.” But with little guidance beyond “critical” classifications—and with the...
10CVSS
8.6AI Score
0.609EPSS
Story of the year: the impact of AI on cybersecurity
In the whirlwind of technological advancements and societal transformations, the term "AI" has undoubtedly etched itself into the forefront of global discourse. Over the past twelve months, this abbreviation has resonated across innumerable headlines, business surveys and tech reports, firmly...
7.7AI Score
JVN#34145838: Multiple denial-of-service (DoS) vulnerabilities in JTEKT ELECTRONICS HMI GC-A2 series
HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contains multiple denial-of-service (DoS) vulnerabilities listed below. Denial-of-service (DoS) vulnerability in FTP service (CWE-400) - CVE-2023-41963 Version| Vector| Score ---|---|--- CVSS v3|...
7.5CVSS
7.7AI Score
0.001EPSS
K000137864 : Squid vulnerabilities CVE-2023-46846, CVE-2023-46847, CVE-2023-46848
Security Advisory Description CVE-2023-46846 SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. CVE-2023-46847 Squid is vulnerable to a Denial of Service,...
7.5CVSS
7.5AI Score
0.03EPSS
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2bc376c0-977e-11ee-b4bc-b42e991fc52e advisory. Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum...
9.1CVSS
9.4AI Score
0.004EPSS
PSA: High Severity File Upload Vulnerability in Elementor Patched
On December 6, 2023, the Wordfence team noticed a changelog entry for version 3.18.1 of Elementor, a WordPress plugin installed on nearly 9 million sites. We did not discover the original vulnerability and only became aware of it after reviewing the changelog containing a partial patch. We...
7.4AI Score
0.001EPSS
Cybersecurity considerations to have when shopping for holiday gifts
As I wrote about last week, there are holiday shopping-related scams already popping up all over the place. But another aspect of security that many shoppers don't consider this time of year is the security of the products they're buying, even through a legitimate online marketplace. This is a...
8.8CVSS
7.4AI Score
0.003EPSS
Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Apache Tomcat is vulnerable to a denial of service (CVE-2023-44487), vulnerable to HTTP request smuggling (CVE-2023-45648), and could.....
7.5CVSS
8.1AI Score
0.732EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (November 27, 2023 to December 3, 2023)
Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! Register as a researcher and submit your vulnerabilities today! Last week, there were.....
9.8CVSS
9.6AI Score
EPSS
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed,...
6.1CVSS
6.2AI Score
0.0005EPSS
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed,...
6.1CVSS
0.0005EPSS
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed,...
6.1CVSS
7.1AI Score
0.0005EPSS
CVE-2023-47548 WordPress Integrate Google Drive Plugin <= 1.3.2 is vulnerable to Open Redirection
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed,...
4.7CVSS
6.5AI Score
0.0005EPSS
Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense'
_Humans are complex beings with consciousness, emotions, and the capacity to act based on thoughts. In the ever-evolving realm of cybersecurity, humans consistently remain primary targets for attackers. Over the years, these attackers have developed their expertise in exploiting various human...
7.8AI Score
PSA: Critical POP Chain Allowing Remote Code Execution Patched in WordPress 6.4.2
WordPress 6.4.2 was released today, on December 6, 2023. It includes a patch for a POP chain introduced in version 6.4 that, combined with a separate Object Injection vulnerability, could result in a Critical-Severity vulnerability allowing attackers to execute arbitrary PHP code on the site. We...
9.1AI Score
How IT teams can conduct a vulnerability assessment for third-party applications
Google Chrome, Adobe Acrobat Reader, TeamViewer, you name it—there’s no shortage of third-party apps that IT teams need to constantly check for vulnerabilities. But to get a better picture of the problem, let's bust out some napkin math. The average company uses about 200 applications overall....
7.2AI Score
ICANN Launches Service to Help With WHOIS Lookups
More than five years after domain name registrars started redacting personal data from all public domain registration records, the non-profit organization overseeing the domain industry has introduced a centralized online service designed to make it easier for researchers, law enforcement and...
7.1AI Score
Addressing post-quantum cryptography with CodeQL
When you hear the words, "quantum computing," it sounds like something out of a science fiction movie. Yet in recent years, quantum computing has become a hot topic, especially in the world of cryptography. Post-quantum cryptography raises many questions and challenges, and a group of researchers.....
7.2AI Score
Imperva named an Overall Leader We're thrilled to share that Imperva has achieved the prestigious status of Overall Leader in the KuppingerCole Leadership Compass: API Security and Management report. Our Leadership excels across the sub-categories of Product, Innovation, and Market Leadership and.....
7.3AI Score
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper...
6.8AI Score
0.001EPSS
Security Advisory 0090 _._CSAF PDF Date: December 5, 2023 Revision | Date | Changes ---|---|--- 1.0 | December 5, 2023 | Initial release The CVE-ID tracking this issue: CVE-2023-24547 CVSSv3.1 Base Score: 5.9 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H) Common Weakness Enumeration: CWE-212:...
6.5CVSS
5.7AI Score
0.0005EPSS
FreeBSD -- TCP spoofing vulnerability in pf(4)
Problem Description: As part of its stateful TCP connection tracking implementation, pf performs sequence number validation on inbound packets. This makes it difficult for a would-be attacker to spoof the sender and inject packets into a TCP stream, since crafted packets must...
7.5CVSS
7AI Score
0.0005EPSS
K000137798 : Dbus Subscription Manager vulnerability CVE-2023-3899
Security Advisory Description A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By...
7.8CVSS
6.6AI Score
0.0004EPSS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:17.pf Security Advisory The FreeBSD Project Topic: TCP spoofing vulnerability in pf(4) Category: core Module: pf Announced: 2023-12-05 Credits: Yuxiang Yang,.....
7.5CVSS
6.9AI Score
0.0005EPSS
FreeBSD : FreeBSD -- TCP spoofing vulnerability in pf(4) (9cbbc506-93c1-11ee-8e38-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9cbbc506-93c1-11ee-8e38-002590c1f29c advisory. As part of its stateful TCP connection tracking implementation, pf performs sequence number ...
7.5CVSS
7.4AI Score
0.0005EPSS
K000137790 : Linux kernel vulnerability CVE-2023-3609
Security Advisory Description A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference...
7.8CVSS
6.8AI Score
0.0004EPSS
K000137791 : Linux kernel vulnerability CVE-2023-35788
Security Advisory Description An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege...
7.8CVSS
7.2AI Score
0.001EPSS
Project PowerUp – Helping to keep the lights on in Ukraine in the face of electronic warfare
As Russia's invasion of Ukraine entered its first winter in late 2022, nearly half of Ukraine's energy infrastructure had been destroyed, leaving millions without power. The resulting energy deficit has exacerbated something that hasn't had much media attention: The effects of electronic GPS...
6.9AI Score
Imperva & Thales: Pioneering a New Era in Cybersecurity
Imperva has been a beacon of excellence for over twenty years in the digital protection landscape, where innovation is paramount. Renowned for its groundbreaking products, Imperva has not just secured applications, APIs, and data for the world's leading organizations but has done so with...
7.3AI Score
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
0.0004EPSS
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
0.0004EPSS
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
0.0004EPSS
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
5.3AI Score
0.0004EPSS
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
5.3AI Score
0.0004EPSS
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
5.3AI Score
0.0004EPSS
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
0.0004EPSS
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
5.3AI Score
0.0004EPSS