Security Bulletin: NVIDIA GPU Display Driver - June 2024
NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software and Cloud Gaming updates,...
7.8CVSS
8AI Score
0.0004EPSS
Zyxel NAS Multiple Vulnerabilities (Jun 2024) - Active Check
Multiple Zyxel NAS devices are prone to multiple ...
9.8CVSS
8.2AI Score
0.001EPSS
Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide
An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops. Knight (aka Cyclops 2.0) ransomware first arrived in May 2023, employing double extortion tactics to.....
7.8AI Score
Missing security headers in Action Pack on non-HTML responses
Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: >= 6.1.0 Not affected: < 6.1.0 Fixed...
9.8CVSS
6.3AI Score
0.001EPSS
Missing security headers in Action Pack on non-HTML responses
Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: >= 6.1.0 Not affected: < 6.1.0 Fixed...
9.8CVSS
6.3AI Score
0.001EPSS
ActionText ContentAttachment can Contain Unsanitized HTML
Instances of ActionText::Attachable::ContentAttachment included within a rich_text_area tag could potentially contain unsanitized HTML. This has been assigned the CVE identifier CVE-2024-32464. Versions Affected: >= 7.1.0 Not affected: < 7.1.0 Fixed Versions: 7.1.3.4 Impact This could...
6.1CVSS
5.9AI Score
0.0005EPSS
ActionText ContentAttachment can Contain Unsanitized HTML
Instances of ActionText::Attachable::ContentAttachment included within a rich_text_area tag could potentially contain unsanitized HTML. This has been assigned the CVE identifier CVE-2024-32464. Versions Affected: >= 7.1.0 Not affected: < 7.1.0 Fixed Versions: 7.1.3.4 Impact This could...
6.1CVSS
5.9AI Score
0.0005EPSS
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2024. Vulnerability Details ** CVEID: CVE-2024-21085 DESCRIPTION: **An...
5.9CVSS
6.2AI Score
0.001EPSS
Summary A vulnerabilitiy in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components. CVE-2024-3933 Vulnerability Details ** CVEID: CVE-2024-3933 DESCRIPTION: **Eclipse Openj9 could allow a local authenticated attacker to bypass security...
5.3CVSS
6.7AI Score
0.0004EPSS
Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update C)
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, Q, and L Series CPU Module; MELIPC Series CPU Vulnerability: Improper Resource Locking 2. RISK EVALUATION Successful exploitation of this vulnerability could...
7.5CVSS
7.9AI Score
0.003EPSS
An unauthenticated remote attacker can use a malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer...
7.5CVSS
7.5AI Score
0.0004EPSS
An unauthenticated remote attacker can use a malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer...
7.5CVSS
7.6AI Score
0.0004EPSS
CVE-2024-5000 CODESYS: Incorrect calculation of buffer size can cause DoS on CODESYS OPC UA products
An unauthenticated remote attacker can use a malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer...
7.5CVSS
7.2AI Score
0.0004EPSS
CVE-2024-5000 CODESYS: Incorrect calculation of buffer size can cause DoS on CODESYS OPC UA products
An unauthenticated remote attacker can use a malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer...
7.5CVSS
7.6AI Score
0.0004EPSS
7.9CVSS
6.5AI Score
0.0004EPSS
Updated microcode packages fix security vulnerabilities
The updated package fixes security vulnerabilities: Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. (CVE-2023-45733) Sequence of processor instructions leads to unexpected...
7.9CVSS
6.3AI Score
0.0004EPSS
ActionText ContentAttachment can Contain Unsanitized HTML
Instances of ActionText::Attachable::ContentAttachment included within a rich_text_area tag could potentially contain unsanitized HTML. This has been assigned the CVE identifier CVE-2024-32464. Versions Affected: >= 7.1.0 Not affected: < 7.1.0 Fixed Versions: 7.1.3.4 Impact This could...
6.1CVSS
6.1AI Score
EPSS
Missing security headers in Action Pack on non-HTML responses
Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: >= 6.1.0 Not affected: < 6.1.0 Fixed...
9.8CVSS
5.3AI Score
EPSS
Security Bulletin: Multiple Vulnerabilities in IBM Datacap
Summary Multiple vulnerabilities were addressed in IBM Datacap version 9.1.9 Interim Fix 004 Vulnerability Details ** CVEID: CVE-2023-26965 DESCRIPTION: **LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow in the loadImage() function in /libtiff/tools/tiffcrop.c......
8.8CVSS
7.6AI Score
0.034EPSS
PCI DSS 4.0: Get Audit-Ready for the New Requirements
The Payment Card Industry Data Security Standard (PCI DSS) originated in 2004 and is managed by the PCI Security Standards Council to ensure security for the global payment industry. This mandate applies to all entities worldwide that store, process, or transmit payment cardholder data or...
7.6AI Score
Microsoft is named a leader in the Forrester Wave for XDR
“Defenders think in lists, attackers think in graphs.”1 This remains a reality for the many organizations that operate across siloed security tools, fueling the demand on security operations (SOC) teams, as advanced cyberattacks continue to increase in frequency and speed. That’s where extended...
6.8AI Score
Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users
Cybersecurity researchers have uncovered a new suspicious package uploaded to the npm package registry that's designed to drop a remote access trojan (RAT) on compromised systems. The package in question is glup-debugger-log, which targets users of the gulp toolkit by masquerading as a "logger for....
8AI Score
Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions
Now-patched authorization bypass issues impacting Cox modems could have been abused as a starting point to gain unauthorized access to the devices and run malicious commands. "This series of vulnerabilities demonstrated a way in which a fully external attacker with no prerequisites could've...
8.1AI Score
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Targeted attacks Operation Triangulation: the final mystery Last June, we published a series of reports on Operation Triangulation, a previously unknown iOS malware...
7.8CVSS
6AI Score
0.003EPSS
Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware
Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2). "Fake browser updates have been responsible for numerous malware infections, including those of the well-known SocGholish malware,"...
7.1AI Score
RHEL 5 : microcode_ctl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. hw: Intel SGX information leak (CVE-2019-0117) Improper conditions check in the voltage modulation...
6CVSS
6.7AI Score
0.0004EPSS
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1788)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...
8CVSS
8.3AI Score
EPSS
RHEL 5 : openssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssh: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (CVE-2015-5600) openssh:...
9.8CVSS
7.2AI Score
0.164EPSS
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1800)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...
8CVSS
8.3AI Score
EPSS
RHEL 5 : gnutls (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gnutls: Heap read overflow in read-packet.c (CVE-2017-5337) The TLS protocol 1.2 and earlier, as used in...
7.5CVSS
7.4AI Score
0.256EPSS
RHEL 6 : microcode_ctl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. kernel: Intel firmware update for insufficient granularity of access control in out-of-band management in some...
7.5CVSS
7AI Score
0.0004EPSS
RHEL 7 : microcode_ctl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Intel firmware update for improper isolation of shared resources (CVE-2022-38090) Incorrect...
6.1CVSS
7.2AI Score
0.0004EPSS
RHEL 4 : openssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssh: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (CVE-2015-5600) openssh:...
7.8CVSS
7.3AI Score
0.164EPSS
RHEL 5 : ipsec-tools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ipsec-tools: Parsing and storing ISAKMP fragments in malicious order can exhaust resources ...
7.5CVSS
7.6AI Score
0.018EPSS
RHEL 8 : openssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712) Simultaneous Multi-threading...
7.4CVSS
6.8AI Score
0.015EPSS
New! Insight Agent Support for ARM-based Windows in InsightVM
We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips...
7.1AI Score
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions (including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities).....
5.9CVSS
6.1AI Score
0.0004EPSS
Ars0N-Framework - A Modern Framework For Bug Bounty Hunting
Howdy! My name is Harrison Richardson, or rs0n (arson) when I want to feel cooler than I really am. The code in this repository started as a small collection of scripts to help automate many of the common Bug Bounty hunting processes I found myself repeating. Over time, I built a simple web...
7AI Score
New banking trojan “CarnavalHeist” targets Brazil with overlay attacks
Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called "CarnavalHeist." Many of the observed tactics, techniques and procedures (TTPs) are common among other banking trojans coming out of Brazil. This family has also been...
8AI Score
Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting
The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages. APT28, also known by the names BlueDelta, Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, ITG05,...
7.2AI Score
Rockwell Studio 5000 Logix Designer < V34 Code Hiding
The version of Rockwell Studio 5000 Logix Designer installed on the remote Windows host is prior to V34. It is, therefore, affected by a vulnerability. An attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject controller code undetectable...
7.7CVSS
7.4AI Score
0.001EPSS
Rockwell Studio 5000 Logix Designer Installed (Windows)
Rockwell Studio 5000 Logix Designer is installed on the remote Windows...
7.4AI Score
Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...
9.8CVSS
7.2AI Score
0.068EPSS
Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...
9.8CVSS
8.7AI Score
0.068EPSS
Security Bulletin: CVE-2024-3933 affects IBM® SDK, Java™ Technology Edition
Summary CVE-2024-3933 affects IBM SDK, Java Technology Edition. An update has been released to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-3933 DESCRIPTION: **Eclipse Openj9 could allow a local authenticated attacker to bypass security restrictions, caused by the failure...
5.3CVSS
6.4AI Score
0.0004EPSS
Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update C)
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, iQ-L Series and MELIPC Series Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could...
7.5CVSS
7.7AI Score
0.002EPSS
7.9CVSS
6.8AI Score
0.001EPSS
New Generative AI category added to Talos reputation services
Cisco Talos is preparing to release the first in a series of changes to our Web Categorization system, which is designed to simplify the verbiage we use. In mid-June, we're adding a new "Generative AI" category that will apply to certain websites. The "Content Category" appears whenever a user...
6.8AI Score
Yubico YubiKey 5 Series before 5.7.0, Security Key Series before 5.7.0, YubiKey Bio Series before 5.6.4, and YubiKey 5 FIPS before 5.7.2 have Incorrect Access...
6.7AI Score
EPSS
Yubico YubiKey 5 Series before 5.7.0, Security Key Series before 5.7.0, YubiKey Bio Series before 5.6.4, and YubiKey 5 FIPS before 5.7.2 have Incorrect Access...
6.9AI Score
EPSS