Oracle Linux 8 : curl (ELSA-2024-1601)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1601 advisory. This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl...
6.5CVSS
6.4AI Score
0.001EPSS
Security Bulletin: NVIDIA CUDA Toolkit - April 2024
NVIDIA has released a software update for NVIDIA® CUDA® Toolkit. To protect your system, download and install this software update from the CUDA Toolkit Downloads page. Go to NVIDIA Product Security. Details This section provides a summary of potential vulnerabilities that this security update...
3.3CVSS
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder registers are programmed...
7.5AI Score
0.0004EPSS
(RHSA-2024:1644) Important: grafana-pcp security and bug fix update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA...
7.7AI Score
0.0005EPSS
Summary IBM® Db2® is vulnerable to a denial of service with a specially crafted query on certain columnar tables. Vulnerability Details CVEID: CVE-2024-22360 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service with a specially...
5.3CVSS
6.7AI Score
0.0004EPSS
Summary IBM® Db2® is vulnerable to denial of service with a specially crafted query under certain conditions. Vulnerability Details CVEID: CVE-2024-27254 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server is vulnerable to denial of service with a...
5.3CVSS
6.7AI Score
0.0004EPSS
Summary IBM® Db2® is vulnerable to denial of service with a specially crafted query. Vulnerability Details CVEID: CVE-2024-25046 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service by an authenticated user using a specially...
5.3CVSS
6.6AI Score
0.0004EPSS
Summary IBM® Db2® is vulnerable to denial of service when querying a specific UDF built-in function concurrently. Vulnerability Details CVEID: CVE-2023-52296 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service when querying a...
5.3CVSS
6.6AI Score
0.0004EPSS
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0),...
10CVSS
9.9AI Score
0.133EPSS
Exploit for Embedded Malicious Code in Tukaani Xz
Description Malicious code was discovered in the upstream...
10CVSS
9.5AI Score
0.133EPSS
CentOS 8 : curl (CESA-2024:1601)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:1601 advisory. An information disclosure vulnerability exists in...
6.5CVSS
8.2AI Score
0.001EPSS
RHEL 8 : grafana-pcp (RHSA-2024:1644)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1644 advisory. The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace...
7.5CVSS
7.9AI Score
0.0005EPSS
Important: grafana-pcp security and bug fix update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA...
7.5CVSS
7.6AI Score
0.0005EPSS
SuperSize Me By Floser Bacurio Jr., Bernadette Canubas, Michaelo Oliveros · April 02, 2024 Introduction Cyber attackers are always finding new ways to outsmart security systems and distribute malware effectively. We discovered an interesting detection evasion technique of delivering archive files.....
7.2AI Score
Tukaani Project XZ Utils Backdoor (Feb/Mar 2024)
The XZ Utils of the Tukaani Project have been backdoored by an unknown threat actor in February and March...
10CVSS
9.8AI Score
0.133EPSS
Important: grafana-pcp security and bug fix update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA...
7.5CVSS
7.5AI Score
0.0005EPSS
Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the....
9.8CVSS
9.9AI Score
0.001EPSS
Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the....
9.8CVSS
10AI Score
0.001EPSS
CVE-2024-1863 Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability
Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the....
9.8CVSS
10AI Score
0.001EPSS
XZ is vulnerable to Injected Malicious Code. Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which.....
10CVSS
7.1AI Score
0.133EPSS
Detecting Windows-based Malware Through Better Visibility
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national...
7AI Score
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 Malicious code was discovered in the upstream...
10CVSS
9.8AI Score
0.133EPSS
Summary IBM Maximo Application Suite uses cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-49083. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID: CVE-2023-4807 DESCRIPTION: OpenSSL is...
7.8CVSS
9.9AI Score
0.003EPSS
Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I can't remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and...
7.2AI Score
K000139141 : liblzma vulnerability CVE-2024-3094
Security Advisory Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to....
10CVSS
9.3AI Score
0.133EPSS
GLSA-202403-04 : XZ utils: Backdoor in release tarballs
The remote host is affected by the vulnerability described in GLSA-202403-04 (XZ utils: Backdoor in release tarballs) Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a...
10CVSS
9.6AI Score
0.133EPSS
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of...
7.2CVSS
7.6AI Score
0.0004EPSS
Updated microcode packages fix security vulnerabilities
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2023-22655) Information exposure through microarchitectural state after...
6.5CVSS
7.8AI Score
0.001EPSS
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 Malicious code was discovered in the upstream...
10CVSS
9.8AI Score
0.133EPSS
7.3AI Score
Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as...
10CVSS
9.5AI Score
0.133EPSS
Fedora 38 : xen (2024-29f57f1b4e)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-29f57f1b4e advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors...
6.5CVSS
7.4AI Score
0.0004EPSS
Fedora 39 : xen (2024-9e9f53d01d)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9e9f53d01d advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors...
6.5CVSS
7.4AI Score
0.0004EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.6AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.3AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.5AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions...
10CVSS
9.4AI Score
0.133EPSS
CVE-2024-3094 Xz: malicious code in distributed source
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.5AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.4AI Score
0.133EPSS
Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds
Security vulnerabilities discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu,...
7.7AI Score
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.3AI Score
0.133EPSS
7.4AI Score
[ASA-202403-1] xz: arbitrary code execution
Arch Linux Security Advisory ASA-202403-1 Severity: Critical Date : 2024-03-29 CVE-ID : CVE-2024-3094 Package : xz Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2851 Summary The package xz before version 5.6.1-2 is vulnerable to arbitrary code...
10CVSS
7.2AI Score
0.133EPSS
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in.....
10CVSS
9.6AI Score
0.133EPSS
Online Book System index.php File SQL Injection Vulnerability
Online Book System is an online booking system. A SQL injection vulnerability exists in version 1.0 of Online Book System, which originates from a lack of validation of externally entered SQL statements in the username/password/login_username/login_password parameters of the /index.php file. An...
7.3CVSS
7.9AI Score
0.0004EPSS
Exploit for Path Traversal in Grafana
CVE-2021-43798 This is a script to exploit CVE-2021-43798 a...
7.5CVSS
7.3AI Score
0.975EPSS
Stories from the SOC Part 1: IDAT Loader to BruteRatel
Rapid7’s Managed Detection and Response (MDR) team continuously monitors our customers' environments, identifying emerging threats and developing new detections. In August 2023, Rapid7 identified a new malware loader named the IDAT Loader. Malware loaders are a type of malicious software designed.....
8.1AI Score
Welcome to this week's threat source newsletter with Jon out, you've got me as your substitute teacher. I'm taking you back to those halcyon days of youth and that moment when you found out that you had a sub that day, will I be the teacher that just rolls in the TV cart and delivers the single...
7.7AI Score
From ChatBot To SpyBot: ChatGPT Post Exploitation
In the second installment of our blog post series on ChatGPT, we delve deeper into the security implications that come with the integration of AI into our daily routines. Building on the discoveries shared in our initial post, "XSS Marks the Spot: Digging Up Vulnerabilities in ChatGPT," where we...
6.1AI Score