CVE-2024-26976 KVM: Always flush async #PF workqueue when vCPU is being destroyed
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure...
7.6AI Score
0.0004EPSS
CVE-2024-26951 wireguard: netlink: check for dangling peer via is_dead instead of empty list
In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the...
7.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush the per-vCPU async #PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure...
7.5AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1480-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1480-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic...
7.8CVSS
8AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), rather than setting peer_list to empty, the peer is added to a temporary list with a head on the...
7.6AI Score
0.0004EPSS
Velociraptor 0.7.2 Release: Digging Deeper than Ever with EWF Support, Dynamic DNS and More
By Dr. Mike Cohen and Carlos Canto Rapid7 is very excited to announce that version 0.7.2 of Velociraptor is now fully available for download. In this post we’ll discuss some of the interesting new features. EWF Support Velociraptor has introduced the ability to analyze dead disk images in the...
6.6AI Score
(RHSA-2024:2580) Moderate: yajl security update
Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fix(es): yajl: Memory leak in yajl_tree_parse function (CVE-2023-33460) For more details about the security issue(s), including the impact, a CVSS...
7.8AI Score
0.001EPSS
Man Who Mass-Extorted Psychotherapy Patients Gets Six Years
A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients. On October 21, 2020, the Vastaamo...
7.4AI Score
Managed Detection and Response in 2023
Managed Detection and Response in 2023 (PDF) Alongside other security solutions, we provide Kaspersky Managed Detection and Response (MDR) to organizations worldwide, delivering expert monitoring and incident response 24/7. The task involves collecting telemetry for analysis by both...
7AI Score
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibits them from using default passwords, effective April 29, 2024. "The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act),...
7.5AI Score
Pouring Acid Rain By Max Kersten · April 30, 2024 In two recent major geopolitical conflicts, in Ukraine and in Israel, wipers - malware used to destroy access to files and commonly used to halt telecom operations - were used to destroy digital infrastructure. Their ongoing shows that wipers have.....
7.7AI Score
RHEL 8 : yajl (RHSA-2024:2580)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2580 advisory. Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. ...
6.5CVSS
7AI Score
0.001EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1466-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1466-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8CVSS
7.5AI Score
EPSS
Amazon Linux 2 : firefox (ALASFIREFOX-2024-024)
The version of firefox installed on the remote host is prior to 115.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-024 advisory. An attacker was able to inject an event handler into a privileged object that would allow arbitrary ...
8.1AI Score
0.0004EPSS
FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data
The U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers -- including AT&T, Sprint, T-Mobile and Verizon -- for illegally sharing access to customers' location information without consent. The fines mark the culmination of a...
7AI Score
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023
Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year. The tech giant also said it blocked 333,000 bad accounts from the app.....
7.3AI Score
Kaiser health insurance leaked patient data to advertisers
Health insurance giant Kaiser has announced it will notify millions of patients about a data breach after sharing patients’ data with advertisers. Kaiser said that an investigation led to the discovery that “certain online technologies, previously installed on its websites and mobile applications,....
7AI Score
Fedora 38 : python-fastapi / python-starlette (2023-9d50269499)
The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-9d50269499 advisory. python-starlette 0.25.0 ### Fixed - Limit the number of fields and files when parsing multipart/form-data on the MultipartParser ## python-fastapi...
7.3AI Score
Fedora 40 : nodejs20 (2024-2ffe03eaa6)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2ffe03eaa6 advisory. An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2...
8.2CVSS
7.7AI Score
0.0004EPSS
Fedora 40 : golang-github-prometheus-node-exporter (2023-654e0ddfd8)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-654e0ddfd8 advisory. An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP...
7.5CVSS
9.6AI Score
0.024EPSS
Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2024-594)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-594 advisory. 2024-06-19: CVE-2024-27982 was added to this advisory. NOTE: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/ (CVE-2024-27982) An attacker can make the Node.js HTTP/2...
5.3CVSS
6.3AI Score
0.0004EPSS
Oracle Linux 7 : tigervnc (ELSA-2024-2080)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2080 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when...
7.8CVSS
7.2AI Score
0.0005EPSS
Fedora 40 : firefox (2024-8b5bd4ad5f)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-8b5bd4ad5f advisory. An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range- based bounds check elimination. This...
6.3AI Score
0.0005EPSS
Fedora 39 : python-fastapi / python-starlette (2023-6c030b3c71)
The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-6c030b3c71 advisory. python-starlette 0.25.0 ### Fixed - Limit the number of fields and files when parsing multipart/form-data on the MultipartParser ## python-fastapi...
7.3AI Score
Fedora 40 : dnsx (2023-65413f7fd0)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-65413f7fd0 advisory. An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP...
7.5CVSS
6.9AI Score
0.024EPSS
Fedora 40 : xorg-x11-server-Xwayland (2024-01a9916e9e)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-01a9916e9e advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when...
7.8CVSS
7.4AI Score
0.0005EPSS
AlmaLinux 8 : tigervnc (ALSA-2024:2037)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:2037 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped...
7.8CVSS
7.7AI Score
0.0005EPSS
Amazon Linux 2023 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2023-2024-593)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-593 advisory. An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data...
5.3CVSS
6.5AI Score
0.0004EPSS
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential stuffing attacks aimed at online services. These unprecedented attacks, observed over the last month, are said to be facilitated by "the broad availability of residential...
6.8AI Score
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping....
4.4CVSS
5.7AI Score
0.0004EPSS
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping....
4.4CVSS
4.3AI Score
0.0004EPSS
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping....
4.4CVSS
4.5AI Score
0.0004EPSS
RHEL 6 / 7 : httpd24 (RHSA-2018:3558)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. curl: TLS session resumption client cert bypass (CVE-2016-5419) curl: Re-using connection with wrong client cert (CVE-2016-5420) ...
9.8CVSS
9.5AI Score
0.959EPSS
RHEL 7 : collectd (RHSA-2018:0252)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0252 advisory. collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files (creating them if necessary). Because...
9.8CVSS
9.5AI Score
0.009EPSS
RHEL 7 : openstack-nova and python-novaclient (RHSA-2018:0369)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0369 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....
6.5CVSS
6.7AI Score
0.001EPSS
10 Critical Endpoint Security Tips You Should Know
In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets. According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide...
7.4AI Score
New 'Brokewell' Android Malware Spread Through Fake Browser Updates
Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," Dutch security firm ThreatFabric said in an analysis...
7.2AI Score
Form Maker by 10Web < 1.15.25 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting
Description The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output...
4.4CVSS
5.7AI Score
0.0004EPSS
CentOS 9 : kernel-5.14.0-437.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-437.el9 build changelog. In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The...
7.2AI Score
0.0004EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 209 vulnerabilities disclosed in 169...
9.9AI Score
EPSS
(RHSA-2024:2063) Moderate: yajl security update
Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fix(es): yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795) yajl: Memory leak in...
7.8AI Score
0.013EPSS
Talos IR trends: BEC attacks surge, while weaknesses in MFA persist
Business email compromise (BEC) was the top threat observed by Cisco Talos Incident Response (Talos IR) in the first quarter of 2024, accounting for nearly half of engagements, which is more than double what was observed in the previous quarter. The most observed means of gaining initial access...
8.3AI Score
0.733EPSS
The Rise of Large-Language-Model Optimization
The web has become so interwoven with everyday life that it is easy to forget what an extraordinary accomplishment and treasure it is. In just a few decades, much of human knowledge has been collectively written up and made available to anyone with an internet connection. But all of this is coming....
6.7AI Score
[SECURITY] Fedora 38 Update: libfilezilla-0.47.0-1.fc38
libfilezilla is a small and modern C++ library, offering some basic functionality to build high-performing, platform-independent...
5.9CVSS
6.6AI Score
0.002EPSS
RHEL 8 : yajl (RHSA-2024:2063)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2063 advisory. Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON...
7.5CVSS
8.1AI Score
0.013EPSS
IBM Cognos Analytics 11.1.1 < 11.1.7 FP8 / 11.2.x < 11.2.4 FP3 / 12.0.x < 12.0.2 (7123154)
The version of IBM Cognos Analytics installed on the remote host is prior to 11.1.7 FP8, 11.2.4 FP3, or 12.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the IBM Security Bulletin No. 7123154, including the following: When deserializing untrusted or corrupted data,...
9.8CVSS
8.3AI Score
0.86EPSS
The OpenSearch software family vulnerability is related to a bug in the parser where an input string of small size can cause it to use an undefined amount of memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...
7.5CVSS
7AI Score
0.001EPSS
Oracle Linux 8 : tigervnc (ELSA-2024-2037)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2037 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when...
7.8CVSS
7.1AI Score
0.0005EPSS
Description The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.15.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
5.9CVSS
7.8AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : FreeRDP vulnerabilities (USN-6749-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6749-1 advisory. FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow...
9.8CVSS
9.5AI Score
0.001EPSS