Ryzen™ Threadripper™ PRO Processors “Castle Peak” WS Security Vulnerabilities

Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro < 5.3.2 - Unauthenticated Arbitrary Shortcode Execution

Description The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.3.1. This is due to the plugin for WordPress allowing users to execute an action that does....

Linux kernel vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux - Linux kernel linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.15 - Linux kernel for Microsoft Azure cloud systems linux-azure-fde - Linux kernel for Microsoft Azure CVM cloud systems linux-azure-fde-5.15 -...

Linux kernel vulnerabilities

Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.4 - Linux kernel...

School Management Pro <= 10.3.4 - Authenticated (School Admin+) SQL Injection

Description The The School Management Pro plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 10.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

SUSE: Security Advisory (SUSE-SU-2024:1139-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2024:0917-1)

The remote host is missing an update for...

WP Migrate Pro < 2.6.11 - Unauthenticated PHP Object Injection

Description The WP Migrate Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.10 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the...

SUSE: Security Advisory (SUSE-SU-2024:0975-1)

The remote host is missing an update for...

CVE-2024-33752

An arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remote attacker to submit a special request to upload a malicious file to execute arbitrary...

CVE-2024-33752

An arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remote attacker to submit a special request to upload a malicious file to execute arbitrary...

DNS Poisoning

Bouncy Castle Java Cryptography APIs are vulnerable to improper SSL/TLS hostname verification. The vulnerability is due to hostname verification potentially being performed against a DNS-resolved IP address when no explicit hostname is provided, which could lead to DNS poisoning...

CVE-2024-34447

A flaw was found in Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to a use of incorrectly-resolved name or reference issue when resolving domain names over an SSL socket that was created without an explicit hostname, such as in the HttpsURLConnection()...

CVE-2024-34069

Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and....

Debian dsa-5680 : affs-modules-6.1.0-21-4kc-malta-di - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5680 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a...

CVE-2024-33752

An arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remote attacker to submit a special request to upload a malicious file to execute arbitrary...

CVE-2024-34064

Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, &gt;, or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys (...

CVE-2024-33599

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was...

CVE-2024-33601

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was...

Oracle Linux 9 : openssl / and / openssl-fips-provider (ELSA-2024-2447)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2447 advisory. Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function...

CVE-2024-33600

nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This...

CVE-2024-33602

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This...

Debian dsa-5681 : affs-modules-5.10.0-29-4kc-malta-di - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5681 advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an...

Apache Commons BCEL: Remote Code Execution

Background The Byte Code Engineering Library (Apache Commons BCEL™) is intended to give users a convenient way to analyze, create, and manipulate (binary) Java class files (those ending with .class). Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier.....

[SECURITY] [DLA 3808-1] intel-microcode security update

Debian LTS Advisory DLA-3808-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost May 04, 2024 https://wiki.debian.org/LTS Package : intel-microcode Version : 3.20240312.1~deb10u1 CVE...

JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post Exploitation Implant To Monitor Users As They Use The Targeted Application

JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients. Changelogs Major changes are documented in the project Announcements:...

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The.....

CVE-2024-3868

The Folders Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's First Name and Last Name in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level.....

CVE-2024-3868

The Folders Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's First Name and Last Name in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level.....

CVE-2024-3868

The Folders Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's First Name and Last Name in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level.....

CVE-2024-3868

The Folders Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's First Name and Last Name in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level.....

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1490-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1490-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of...

Debian dla-3808 : intel-microcode - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3808 advisory. Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user...

Bouncy Castle Java Cryptography API vulnerable to DNS poisoning

An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...

Bouncy Castle Java Cryptography API vulnerable to DNS poisoning

An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...

Metasploit Weekly Wrap-Up 05/03/24

Dump secrets inline This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module to reduce the footprint when dumping SAM hashes, LSA secrets and cached credentials. The module is now directly reading the Windows Registry remotely without...

CVE-2024-34447

An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...

CVE-2024-34447

An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...

CVE-2024-34447

An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-resolved IP...

Security above all else—expanding Microsoft’s Secure Future Initiative

Last November, we launched the Secure Future Initiative (SFI) to prepare for the increasing scale and high stakes of cyberattacks. SFI brings together every part of Microsoft to advance cybersecurity protection across our company and products. Since then, the threat landscape has continued to...

Cybercriminals Forge Alliances via Compromised Routers

...

Cuckoo Malware Operates as Both an Infostealer and Spyware

...

Summary of Vulnerabilities, Actors & Attacks: April 2024

...

Goldoon Botnet Exploits Longstanding D-Link Vulnerability

...

Over 2 Million Malicious Repositories Planted on Docker Hub

...

CVE-2023-51595

Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...

CVE-2023-51595

Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...

CVE-2023-51588

Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute...

CVE-2023-51588

Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute...

CVE-2023-51593

Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...

CVE-2023-51591

Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...