SuperSize Me By Floser Bacurio Jr., Bernadette Canubas, Michaelo Oliveros · April 02, 2024 Introduction Cyber attackers are always finding new ways to outsmart security systems and distribute malware effectively. We discovered an interesting detection evasion technique of delivering archive files.....
7.2AI Score
Free VPN apps turn Android phones into criminal proxies
Researchers at HUMAN’s Satori Threat Intelligence have discovered a disturbing number of VPN apps that turn users' devices into proxies for cybercriminals without their knowledge, as part of a camapign called PROXYLIB. Cybercriminals and state actors like to send their traffic through other...
7.5AI Score
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown processing of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup...
2.4CVSS
6.5AI Score
0.0004EPSS
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown processing of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup...
2.4CVSS
3.6AI Score
0.0004EPSS
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 21st, 2024, during our second Bug Bounty Extravaganza,.....
7.2CVSS
6.2AI Score
0.0004EPSS
CVE-2024-3128 Replify-Messenger Backup File androidmanifest.xml backup
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown processing of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup...
2.4CVSS
4AI Score
0.0004EPSS
Detecting Windows-based Malware Through Better Visibility
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national...
7AI Score
Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals
Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VPN apps came fitted....
7AI Score
Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. "Vultur has also started masquerading more of its...
7.7AI Score
Amazon Linux 2 : squid (ALAS-2024-2509)
The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2509 advisory. An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext....
9.3CVSS
7.9AI Score
0.034EPSS
K000139140 : util-linux vulnerability CVE-2024-28085
Security Advisory Description wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not...
7AI Score
0.0005EPSS
K000139141 : liblzma vulnerability CVE-2024-3094
Security Advisory Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to....
10CVSS
9.3AI Score
0.133EPSS
The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple...
10CVSS
8.9AI Score
0.0004EPSS
The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple...
10CVSS
9.1AI Score
0.0004EPSS
The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple...
10CVSS
6.5AI Score
0.0004EPSS
The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple...
10CVSS
9.2AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall.This issue affects All In One WP Security & Firewall: from n/a through...
4.3CVSS
4.6AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall.This issue affects All In One WP Security & Firewall: from n/a through...
4.3CVSS
6.8AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall.This issue affects All In One WP Security & Firewall: from n/a through...
4.3CVSS
5AI Score
0.0004EPSS
TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy
A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots...
7.5AI Score
K000139092 : DNS vulnerability CVE-2023-50387
Security Advisory Description Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a...
7.5CVSS
7.7AI Score
0.05EPSS
Description The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on....
10CVSS
6.4AI Score
0.0004EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 18, 2024 to March 24, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 94 vulnerabilities disclosed in 81 WordPress.....
9.9CVSS
9.4AI Score
0.001EPSS
K000139084 : DNS vulnerability CVE-2023-50868
Security Advisory Description The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3"...
7.6AI Score
0.0005EPSS
Security Bulletin: IBM Planning Analytics Workspace has addressed multiple vulnerabilities
Summary IBM Planning Analytics Workspace is considered vulnerable to a Malicious File Upload vulnerability which could allow a privileged user to upload malicious files that can be automatically processed within the product (CVE-2023-42017). This vulnerability has been addressed. IBM Planning...
9.8CVSS
10AI Score
EPSS
Security Bulletin: IBM DevOps Release 7.0.0.1 addresses multiple vulnerabilities.
Summary IBM DevOps Release 7.0.0.1 addresses multiple vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-21733 DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the leaking of unrelated request bodies in default error page. By sending a...
7.5CVSS
7.5AI Score
0.007EPSS
Security Bulletin: IBM DevOps Build 7.0.0.1 addresses multiple vulnerabilities.
Summary IBM DevOps Build 7.0.0.1 addresses multiple vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-21733 DESCRIPTION: **Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the leaking of unrelated request bodies in default error page. By sending a...
7.5CVSS
7.5AI Score
0.007EPSS
Security Bulletin: Multiple Vulnerabilities in IBM Operations Analytics Predictive Insights.
Summary Multiple vulnerabilities were addressed in IBM Operations Analytics Predictive Insights 1.3.6 iFix 8 Vulnerability Details ** CVEID: CVE-2022-46337 DESCRIPTION: **Apache Derby could allow a remote attacker to bypass security restrictions, caused by a LDAP injection vulnerability in...
9.8CVSS
8.6AI Score
0.186EPSS
SASE Solutions Fall Short Without Enterprise Browser Extensions, New Report Reveals
As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance. However, a new...
7.4AI Score
github.com/chirpstack/chirpstack-gateway-bridge/ is vulnerable to Firewall Bypass. The vulnerability is due to the firewall accepting specific TCP packets outside the ESTABLISHED connection...
6.8AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: netavark-1.10.3-3.fc40
OCI network stack Netavark is a rust based network stack for containers. It is being designed to work with Podman but is also applicable for other OCI container management applications. Netavark is a tool for configuring networking for Linux containers. Its features include: * Configuration of...
8.6CVSS
8.7AI Score
0.0005EPSS
Fedora: Security Advisory for netavark (FEDORA-2024-a267e93f8c)
The remote host is missing an update for...
8.6CVSS
8.7AI Score
0.0005EPSS
K000139064 : Apache vulnerabilities CVE-2009-2299, CVE-2012-3526, CVE-2012-4001, and CVE-2012-4360
Security Advisory Description CVE-2009-2299 The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via...
6.6AI Score
0.038EPSS
Crafting Shields: Defending Minecraft Servers Against DDoS Attacks
Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game's reputation. Despite the prevalence of DDoS attacks on the game, the...
7.2AI Score
K000139043 : Apache Struts vulnerabilities CVE-2016-4430, CVE-2016-4431, and CVE-2016-4433
Security Advisory Description CVE-2016-4430 Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. CVE-2016-4431 Apache Struts 2 2.3.20 through 2.3.28.1 allows remote...
8.8CVSS
7.4AI Score
0.009EPSS
Security Advisory Description CVE-2011-1176 The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which...
8.6AI Score
0.018EPSS
K000139026 : NTP vulnerability CVE-2009-3563
Security Advisory Description ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE.....
6.9AI Score
0.965EPSS
Fedora: Security Advisory for wireshark (FEDORA-2024-4115ab9959)
The remote host is missing an update for...
7.1AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: wireshark-4.2.3-1.fc40
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...
6.7AI Score
0.0004EPSS
K000138990 : BIND vulnerability CVE-2023-4408
Security Advisory Description The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this....
7.5CVSS
7.2AI Score
0.001EPSS
Summary IBM Storage Copy Data Management can be affected by vulnerabilities in Apache Tomcat, Apache Commons FileUpload, and Apache Axis. A remote attacker could exploit these vulnerabilities to cause a denial of service condition, to obtain a session cookie, sensitive and Http11Processor instance....
8.6CVSS
9.9AI Score
0.034EPSS
Cross-site Scripting in Moodle Chat
The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...
6.5AI Score
0.0004EPSS
Cross-site Scripting in Moodle Chat
The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...
6.5AI Score
0.0004EPSS
The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...
6.4AI Score
0.0004EPSS
The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...
6.2AI Score
0.0004EPSS
Implementing Zero Trust Controls for Compliance
The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network...
7.1AI Score
The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert...
6.4AI Score
0.0004EPSS
K000138989 : BIND vulnerability CVE-2023-5517
Security Advisory Description A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response....
7.5CVSS
7.3AI Score
0.001EPSS
K000138991 : BIND vulnerability CVE-2023-6516
Security Advisory Description To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is...
7.5CVSS
7AI Score
0.001EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 11, 2024 to March 17, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 163 vulnerabilities disclosed in 126...
10CVSS
10AI Score
0.001EPSS