Lucene search

K

Ryzen™ 4000 Series Processors Security Vulnerabilities

rubygems
rubygems

Arbitrary memory address read vulnerability with Regex search

If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. We recommend to update the Ruby to version 3.3.1 or later. In order to ensure compatibility with older Ruby...

7.3AI Score

EPSS

2024-04-22 09:00 PM
6
krebs
krebs

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites......

6.8AI Score

2024-04-22 08:07 PM
7
thn
thn

ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft

The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky characterized the adversary as relying on various programs to harvest data on an "industrial scale" from...

6.9AI Score

2024-04-22 03:11 PM
23
thn
thn

Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers

New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal and impersonate files, directories, and processes. "When a user executes a function that has a path argument in Windows, the DOS path at which the...

7.8CVSS

7.9AI Score

0.001EPSS

2024-04-22 09:22 AM
34
ibm
ibm

Security Bulletin: IBM Security Verify Governance - Identity Manager has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in updates to IBM Security Verify Governance - Identity Manager software component and IBM Security Verify Governance - Identity Manager virtual appliance component. Vulnerability Details ** CVEID: CVE-2023-26119 DESCRIPTION:...

9.8CVSS

10AI Score

0.164EPSS

2024-04-22 06:05 AM
17
nessus
nessus

Mitsubishi MELSEC-Q/L Series Integer Overflow or Wraparound (CVE-2024-1917)

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot....

9.8CVSS

7.8AI Score

0.0004EPSS

2024-04-21 12:00 AM
11
nessus
nessus

Mitsubishi MELSEC-Q/L Series Incorrect Pointer Scaling (CVE-2024-0802)

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted...

9.8CVSS

7.5AI Score

0.0004EPSS

2024-04-21 12:00 AM
6
nessus
nessus

Mitsubishi MELSEC-Q/L Series Integer Overflow or Wraparound (CVE-2024-0803)

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot....

9.8CVSS

7.8AI Score

0.0004EPSS

2024-04-21 12:00 AM
5
nessus
nessus

Mitsubishi MELSEC-Q/L Series Incorrect Pointer Scaling (CVE-2024-1915)

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot. Please...

9.8CVSS

7.7AI Score

0.0004EPSS

2024-04-21 12:00 AM
8
nessus
nessus

Mitsubishi MELSEC-Q/L Series Integer Overflow or Wraparound (CVE-2024-1916)

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot....

9.8CVSS

7.8AI Score

0.0004EPSS

2024-04-21 12:00 AM
5
nvd
nvd

CVE-2024-4018

Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (local appliance api modules) allows Privilege Escalation.This issue affects U-Series Appliance: from 3.4 before...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-04-19 09:15 PM
cve
cve

CVE-2024-4017

Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (filesystem modules) allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before...

8.8CVSS

6.9AI Score

0.0004EPSS

2024-04-19 09:15 PM
37
nvd
nvd

CVE-2024-4017

Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (filesystem modules) allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-04-19 09:15 PM
1
cve
cve

CVE-2024-4018

Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (local appliance api modules) allows Privilege Escalation.This issue affects U-Series Appliance: from 3.4 before...

8.8CVSS

6.9AI Score

0.0004EPSS

2024-04-19 09:15 PM
36
cvelist
cvelist

CVE-2024-4017 Privilege Escalation in U-Series Appliance

Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (filesystem modules) allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before...

8.8CVSS

8.9AI Score

0.0004EPSS

2024-04-19 08:40 PM
1
vulnrichment
vulnrichment

CVE-2024-4017 Privilege Escalation in U-Series Appliance

Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (filesystem modules) allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before...

8.8CVSS

7AI Score

0.0004EPSS

2024-04-19 08:40 PM
cvelist
cvelist

CVE-2024-4018 Privilege Escalation in U-Series Appliance

Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (local appliance api modules) allows Privilege Escalation.This issue affects U-Series Appliance: from 3.4 before...

8.8CVSS

8.9AI Score

0.0004EPSS

2024-04-19 08:29 PM
thn
thn

Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. "Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities.....

9.1CVSS

8.2AI Score

0.027EPSS

2024-04-19 11:01 AM
31
ubuntu
ubuntu

Linux kernel vulnerabilities

Releases Ubuntu 23.10 Ubuntu 22.04 LTS Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-6.5 - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-gcp - Linux kernel for...

7.8CVSS

7.2AI Score

0.0004EPSS

2024-04-19 12:00 AM
15
ubuntu
ubuntu

Linux kernel vulnerabilities

Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.4 - Linux kernel...

7.8CVSS

7.2AI Score

0.003EPSS

2024-04-19 12:00 AM
11
nessus
nessus

Cisco Integrated Management Controller CLI Command Injection (cisco-sa-cimc-cmd-inj-mUx4c5AJ)

According to its self-reported version, Cisco Integrated Management Controller CLI is affected by a command injection vulnerability. Due to insufficient validation of user-supplied input, the vulnerability could allow an authenticated, local attacker to perform command injection attacks on the...

8.8CVSS

8.9AI Score

0.0004EPSS

2024-04-19 12:00 AM
8
nessus
nessus

Mitsubishi MELSEC iQ-F Series Insufficient Resource Pool (CVE-2023-7033)

Insufficient Resource Pool vulnerability in Ethernet function of Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote attacker to cause a temporary Denial of Service condition for a certain period of time in Ethernet communication of the products by performing TCP SYN...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-04-19 12:00 AM
5
talosblog
talosblog

Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation?

If you're a regular reader of this newsletter, you already know about how strongly I feel about the dangers of spreading fake news, disinformation and misinformation. And honestly, if you're reading this newsletter, I probably shouldn't have to tell you about that either. But one of the things...

7.8AI Score

2024-04-18 06:00 PM
9
qualysblog
qualysblog

TotalCloud Insights: Safeguarding Your Cloud Database from SQL Server Threats and Lateral Movement Risks

Introduction In today's tech-driven world, cloud computing has completely changed how businesses store and manage their data. It offers many advantages, like flexibility, scalability, and cost savings, making it a go-to choice for organizations of all sizes. Keeping your data secure, especially in....

8.1AI Score

2024-04-18 02:00 PM
8
ics
ics

Mitsubishi Electric MELSEC iQ-R Series (Update B)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-R Series CPU Module Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Insufficiently Protected Credentials, Overly Restrictive Account.....

9.1CVSS

7.4AI Score

0.004EPSS

2024-04-18 12:00 PM
20
ics
ics

Mitsubishi Electric MELSEC iQ-R Series (Update B)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-R Series CPU Module Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this...

9.1CVSS

7.5AI Score

0.003EPSS

2024-04-18 12:00 PM
23
schneier
schneier

Other Attempts to Take Over Open Source Projects

After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated...

7.3AI Score

2024-04-18 11:06 AM
8
securelist
securelist

DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware

Introduction In February 2024, we discovered a new malware campaign targeting government entities in the Middle East. We dubbed it "DuneQuixote"; and our investigation uncovered over 30 DuneQuixote dropper samples actively employed in the campaign. These droppers, which exist in two versions –...

7.8AI Score

2024-04-18 10:00 AM
20
nessus
nessus

Amazon Linux 2 : tomcat (ALAS-2024-2517)

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2517 advisory. Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the...

7.5CVSS

7.4AI Score

0.034EPSS

2024-04-18 12:00 AM
6
nessus
nessus

Juniper Junos OS Vulnerability (JSA75757)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75757 advisory. An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated,...

7.5CVSS

7.2AI Score

0.0005EPSS

2024-04-18 12:00 AM
5
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

7.8CVSS

8.4AI Score

EPSS

2024-04-18 12:00 AM
18
nessus
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

7.8CVSS

8AI Score

EPSS

2024-04-18 12:00 AM
15
googleprojectzero
googleprojectzero

The Windows Registry Adventure #1: Introduction and research results

Posted by Mateusz Jurczyk, Google Project Zero In the 20-month period between May 2022 and December 2023, I thoroughly audited the Windows Registry in search of local privilege escalation bugs. It all started unexpectedly: I was in the process of developing a coverage-based Windows kernel fuzzer...

7.8CVSS

8.3AI Score

0.049EPSS

2024-04-18 12:00 AM
12
nessus
nessus

Juniper Junos OS Vulnerability (JSA75744)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75744 advisory. An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based attacker with low...

6.5CVSS

7.2AI Score

0.0004EPSS

2024-04-18 12:00 AM
5
nessus
nessus

Juniper Junos OS Vulnerability (JSA75742)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75742 advisory. A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks...

5.9CVSS

7.3AI Score

0.001EPSS

2024-04-18 12:00 AM
4
nessus
nessus

Juniper Junos OS Vulnerability (JSA75747)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75747 advisory. A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a...

7.5CVSS

7.2AI Score

0.001EPSS

2024-04-18 12:00 AM
3
googleprojectzero
googleprojectzero

The Windows Registry Adventure #2: A brief history of the feature

Posted by Mateusz Jurczyk, Google Project Zero Before diving into the low-level security aspects of the registry, it is important to understand its role in the operating system and a bit of history behind it. In essence, the registry is a hierarchical database made of named "keys" and "values",...

6.3AI Score

2024-04-18 12:00 AM
4
nessus
nessus

Juniper Junos OS Vulnerability (JSA75733)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75733 advisory. A Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to...

5.5CVSS

7.3AI Score

0.0004EPSS

2024-04-18 12:00 AM
3
nvd
nvd

CVE-2024-31040

Buffer Overflow vulnerability in the get_var_integer function in mqtt_parser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted...

6.6AI Score

0.0004EPSS

2024-04-17 07:15 PM
cve
cve

CVE-2024-31040

Buffer Overflow vulnerability in the get_var_integer function in mqtt_parser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted...

6.9AI Score

0.0004EPSS

2024-04-17 07:15 PM
25
redhatcve
redhatcve

CVE-2024-26909

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on...

5.5CVSS

7AI Score

0.0004EPSS

2024-04-17 05:54 PM
9
cisco
cisco

Cisco IOS and IOS XE Software SNMP Extended Named Access Control List Bypass Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to...

7AI Score

EPSS

2024-04-17 04:00 PM
17
cisco
cisco

Cisco Integrated Management Controller CLI Command Injection Vulnerability

A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or...

6.9AI Score

0.0004EPSS

2024-04-17 04:00 PM
8
cisco
cisco

Cisco Integrated Management Controller Web-Based Management Interface Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root. This...

7.8AI Score

0.0004EPSS

2024-04-17 04:00 PM
11
debiancve
debiancve

CVE-2024-26909

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on...

5.5CVSS

6.4AI Score

0.0004EPSS

2024-04-17 11:15 AM
6
nvd
nvd

CVE-2024-26909

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on...

5.5CVSS

5.3AI Score

0.0004EPSS

2024-04-17 11:15 AM
1
cve
cve

CVE-2024-26909

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on...

5.5CVSS

6.5AI Score

0.0004EPSS

2024-04-17 11:15 AM
33
cvelist
cvelist

CVE-2024-26909 soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free A recent DRM series purporting to simplify support for "transparent bridges" and handling of probe deferrals ironically exposed a use-after-free issue on...

5.5AI Score

0.0004EPSS

2024-04-17 10:27 AM
nessus
nessus

Fedora 39 : yyjson (2024-ef2e551fab)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-ef2e551fab advisory. yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is...

7.5AI Score

0.0004EPSS

2024-04-17 12:00 AM
7
cvelist
cvelist

CVE-2024-31040

Buffer Overflow vulnerability in the get_var_integer function in mqtt_parser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted...

6.8AI Score

0.0004EPSS

2024-04-17 12:00 AM
Total number of security vulnerabilities47072