RHEL 9 : libreoffice (RHSA-2023:6508)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6508 advisory. libreoffice: Empty entry in Java class path (CVE-2022-38745) libreoffice: Array index underflow in Calc formula parsing (CVE-2023-0950) ...
7.8CVSS
7.2AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.001EPSS
Gaming-related cyberthreats in 2023: Minecrafters targeted the most
Introduction and trends The gaming industry continues growing. The Newzoo report for 2023 reveals that two in five — more than three billion — across the globe are gamers, which is 6.3 percent more than last year. Globally, gaming revenue amounts to an estimated US$242.39 billion, with almost half...
6.4AI Score
Rocky Linux 9 : libreoffice (RLSA-2023:0304)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0304 advisory. An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by...
8.8CVSS
7.5AI Score
0.002EPSS
Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-407)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-407 advisory. A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash. (CVE-2023-5156) Note that Nessus has not...
7.5CVSS
6.7AI Score
0.001EPSS
WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users
It is not rare that users of popular instant messaging services find the official client apps to be lacking in functionality. To address that problem, third-party developers come up with mods that offer sought-after features besides aesthetic upgrades. Unfortunately, some of these mods contain...
8AI Score
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Thunderbird vulnerabilities (USN-6468-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6468-1 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to...
9.8CVSS
8.6AI Score
0.001EPSS
Releases Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an...
9.8CVSS
9.4AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.001EPSS
Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive...
9.8CVSS
9.3AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.001EPSS
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6456-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6456-1 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient...
9.8CVSS
8.7AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.001EPSS
[SECURITY] [DLA 3637-1] thunderbird security update
Debian LTS Advisory DLA-3637-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 29, 2023 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.4.1-1~deb10u1 CVE...
9.8CVSS
9.1AI Score
0.001EPSS
Debian DLA-3637-1 : thunderbird - LTS security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3637 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay....
9.8CVSS
8.5AI Score
0.001EPSS
[SECURITY] [DSA 5538-1] thunderbird security update
Debian Security Advisory DSA-5538-1 https://www.debian.org/security/ Moritz Muehlenhoff October 27, 2023 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2023-5721 CVE-2023-5724...
9.8CVSS
7.6AI Score
0.001EPSS
Debian DSA-5538-1 : thunderbird - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5538 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient...
9.8CVSS
8.5AI Score
0.001EPSS
[SECURITY] [DLA 3632-1] firefox-esr security update
Debian LTS Advisory DLA-3632-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 27, 2023 https://wiki.debian.org/LTS Package : firefox-esr Version : 115.4.0esr-1~deb10u1 CVE...
9.8CVSS
8.8AI Score
0.001EPSS
A cascade of compromise: unveiling Lazarus’ new campaign
Earlier this year, a software vendor was compromised by the Lazarus malware delivered through unpatched legitimate software. What's remarkable is that these software vulnerabilities were not new, and despite warnings and patches from the vendor, many of the vendor's systems continued to use the...
7.5AI Score
Debian DLA-3632-1 : firefox-esr - LTS security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3632 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay....
9.8CVSS
8.5AI Score
0.001EPSS
In the beginning of 2023, thanks to our Kaspersky Unified Monitoring and Analysis Platform (KUMA) SIEM system, we noticed suspicious network activity that turned out to be an ongoing attack targeting the iPhones and iPads of our colleagues. The moment we understood that there was a clear pattern...
7.3AI Score
9.8CVSS
9.5AI Score
0.001EPSS
[SECURITY] [DSA 5535-1] firefox-esr security update
Debian Security Advisory DSA-5535-1 https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2023 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2023-5721 CVE-2023-5724...
9.8CVSS
7.3AI Score
0.001EPSS
Debian DSA-5535-1 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5535 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient...
9.8CVSS
8.6AI Score
0.001EPSS
Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware
Introduction As a cybersecurity company, Kaspersky is constantly dealing with known and brand-new malware samples. As part of our crimeware reporting service, we provide our customers with technical reports on the evolution of existing crimeware families, as well as newly emerging ones. In this...
7AI Score
The outstanding stealth of Operation Triangulation
Introduction In our previous blogpost on Triangulation, we discussed the details of TriangleDB, the main implant used in this campaign, its C2 protocol and the commands it can receive. We mentioned, among other things, that it is able to execute additional modules. We also mentioned that this...
7.4AI Score
Ubuntu 16.04 LTS : Firefox vulnerabilities (USN-4278-2)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4278-2 advisory. A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This...
8.8CVSS
7.6AI Score
0.013EPSS
Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu/Sl Firmware
hikvision_brute Brute Hikvision CAMS with CVE-2021-36260...
9.8CVSS
9.5AI Score
0.975EPSS
Ubuntu 16.04 LTS / 18.04 LTS : Thunderbird vulnerabilities (USN-4150-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4150-1 advisory. Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in an HTML reply/forward. This...
8.8CVSS
8.5AI Score
0.009EPSS
Ubuntu 16.04 LTS / 18.04 LTS : Firefox regressions (USN-4234-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4234-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
6.7AI Score
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3896-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3896-1 advisory. An integer overflow in path handling led to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a...
8.8CVSS
8AI Score
0.024EPSS
Ubuntu 18.04 LTS : Firefox regressions (USN-4278-3)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4278-3 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
6.7AI Score
Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerability (USN-4020-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4020-1 advisory. A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash....
8.8CVSS
8.7AI Score
0.752EPSS
Ubuntu 18.04 LTS : Thunderbird vulnerabilities (USN-4202-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4202-1 advisory. A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature,...
8.8CVSS
9.3AI Score
0.015EPSS
Ubuntu 16.04 LTS / 18.04 LTS : Firefox regression (USN-4122-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4122-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
6.7AI Score
Ubuntu 16.04 LTS : Firefox vulnerabilities (USN-4216-2)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4216-2 advisory. When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write...
8.8CVSS
9.5AI Score
0.014EPSS
Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerability (USN-4032-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4032-1 advisory. Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed...
10CVSS
9.1AI Score
0.008EPSS
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3919-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3919-1 advisory. Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and...
8.8CVSS
8.8AI Score
0.952EPSS
Money-making scripts attack organizations
In April of this year, the FBI published an advisory on attacks targeting government, law enforcement, and non-profit organizations. Attackers download scripts onto victims' devices, delivering several types of malware all at once. The main aim is to utilize company resources for mining, steal...
7.2AI Score
Social Feed <= 2.2.0 - Reflected XSS
Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as...
6.1CVSS
5.7AI Score
0.0005EPSS
A hack in hand is worth two in the bush
The ongoing conflict between Israel and Hamas has also extended into the digital domain. The involvement of hackers highlights the evolving nature of warfare in the 21st century, where traditional military operations are complemented by sophisticated cyber tactics, and where the boundaries between...
7.5AI Score
ChatGPT at work: how chatbots help employees, but threaten business
Workhorse Only a few months ago, ChatGPT and other chatbots based on large language models (LLMs) were still a novelty. Users enjoyed using them to compose poems and lyrics in the style of famous artists (which left Nick Cave, for example, decidedly unimpressed), researchers debated blowing up...
6.8AI Score
ToddyCat: Keep calm and check logs
ToddyCat is an advanced APT actor that we described in a previous publication last year. The group started its activities in December 2020 and has been responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Our first publication was focused on their main tools,...
7.5AI Score
[2.28-225.0.4.6] - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode. - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaih_inet (RHEL-2435). - CVE-2023-4813: work around RHEL-8 limitation in test (RHEL-2435). Reviewed by: Jose...
7.7AI Score
0.014EPSS
[2.34-60.0.3.7] - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode (#2234716). - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaih_inet. Reviewed by: Jose E. Marchesi [2.34-60.0.3] - CVE-2023-4911: tunables: Terminate...
8AI Score
0.014EPSS
Oracle Linux 9 : glibc (ELSA-2023-12873)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12873 advisory. A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...
7.8CVSS
8AI Score
0.014EPSS
Oracle Linux 8 : glibc (ELSA-2023-12872)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12872 advisory. A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application...
7.8CVSS
8AI Score
0.014EPSS
Ubuntu 20.04 LTS : Firefox regressions (USN-6404-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6404-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
6.7AI Score
Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details USN-6404-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security...
9.8CVSS
10AI Score
0.245EPSS