RHEL 6 : binutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. binutils: heap-based buffer overflow in finish_stab in stabs.c (CVE-2018-12699) The srec_scan function...
7.8CVSS
8.8AI Score
0.049EPSS
RHEL 7 : gvfs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gvfs: race condition in daemon/gvfsbackendadmin.c due to admin backend not implementing ...
7.3CVSS
7.6AI Score
0.039EPSS
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1800)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...
8CVSS
8.3AI Score
RHEL 6 : e4fsprogs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. e2fsprogs: potential buffer overflow in closefs() (incomplete CVE-2015-0247 fix) (CVE-2015-1572) ...
8.2AI Score
0.001EPSS
RHEL 7 : e4fsprogs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. e2fsprogs: potential buffer overflow in closefs() (incomplete CVE-2015-0247 fix) (CVE-2015-1572) ...
7.9AI Score
0.001EPSS
RHEL 6 : openvswitch (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openvswitch: Buffer over-read while parsing the group mod OpenFlow message (CVE-2017-9265) In Open...
9.8CVSS
8.9AI Score
0.018EPSS
RHEL 5 : sssd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. sssd: information leak from the sssd-sudo responder (CVE-2018-10852) The System Security Services Daemon...
7.5CVSS
5.8AI Score
0.014EPSS
EulerOS 2.0 SP11 : unbound (EulerOS-SA-2024-1794)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the...
8CVSS
7.9AI Score
0.05EPSS
RHEL 4 : krb5 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. krb5, krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005) (CVE-2011-1526) krb5:...
10AI Score
0.095EPSS
RHEL 6 : pcre (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. pcre: Integer overflow caused by missing check for certain conditions (8.38/31) (CVE-2015-8394) PCRE...
9.8CVSS
9.7AI Score
0.059EPSS
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1807)
The remote host is missing an update for the Huawei...
8CVSS
7AI Score
0.05EPSS
RHEL 8 : stf_sg-core-rhel8 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. golang: syscall: faccessat checks wrong group (CVE-2022-29526) Note that Nessus has not tested for this issue but...
5.3CVSS
6.5AI Score
0.002EPSS
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1794)
The remote host is missing an update for the Huawei...
8CVSS
7AI Score
0.05EPSS
In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...
6.8AI Score
0.0004EPSS
RHEL 8 : openssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712) Simultaneous Multi-threading...
7.4CVSS
6.8AI Score
0.015EPSS
RHEL 5 : e4fsprogs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. e2fsprogs: potential buffer overflow in closefs() (incomplete CVE-2015-0247 fix) (CVE-2015-1572) ...
7.9AI Score
0.001EPSS
Ticketmaster confirms customer data breach
Live Nation Entertainment has confirmed what everyone has been speculating on for the last week: Ticketmaster has suffered a data breach. In a filing with the SEC, Live Nation said on May 20th it identified "unauthorized activity within a third-party cloud database environment containing Company...
7.4AI Score
Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2024-3267)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3267 advisory. bind-dyndb-ldap custodia ipa [4.9.13-9.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [9.4.13-9] - dcerpc:...
6.8CVSS
6.8AI Score
0.0004EPSS
Check Point Security Gateway Arbitrary File Read
This module leverages an unauthenticated arbitrary root file read vulnerability for Check Point Security Gateway appliances. When the IPSec VPN or Mobile Access blades are enabled on affected devices, traversal payloads can be used to read any files on the local file system. Password hashes read...
8.6CVSS
7.4AI Score
0.945EPSS
Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices
Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023. "These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices...
7.6AI Score
Check Point Security Gateway RCE Exploit Tool...
8.6CVSS
7.2AI Score
0.945EPSS
I don't think it's an exaggeration to predict that artificial intelligence will affect every aspect of our society. Not by doing new things. But mostly by doing things that are already being done by humans, perfectly competently. Replacing humans with AIs isn't necessarily interesting. But when an...
7.4AI Score
Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting
The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages. APT28, also known by the names BlueDelta, Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, ITG05,...
7.2AI Score
OpenAI, Meta, and TikTok Crack Down on Covert Influence Campaigns, Some AI-Powered
OpenAI on Thursday disclosed that it took steps to cut off five covert influence operations (IO) originating from China, Iran, Israel, and Russia that sought to abuse its artificial intelligence (AI) tools to manipulate public discourse or political outcomes online while obscuring their true...
6.8AI Score
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1870-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1870-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following...
7.8CVSS
8.9AI Score
Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...
9.8CVSS
8.7AI Score
0.039EPSS
Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...
9.8CVSS
7.2AI Score
0.039EPSS
FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine
Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. "The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by enticing targets to...
7.8CVSS
7.6AI Score
0.192EPSS
Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors
A previously undocumented cyber espionage-focused threat actor named LilacSquid has been linked to targeted attacks spanning various sectors in the United States (U.S.), Europe, and Asia as part of a data theft campaign since at least 2021. "The campaign is geared toward establishing long-term...
7.3AI Score
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 20, 2024 to May 26, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $10,400 for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...
9.8CVSS
10AI Score
0.035EPSS
RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability
The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware, which now...
10CVSS
10AI Score
0.976EPSS
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
By Anna Bennett, Nicole Hoffman, Asheer Malhotra, Sean Taylor and Brandon White. Cisco Talos is disclosing a new suspected data theft campaign, active since at least 2021, we attribute to an advanced persistent threat actor (APT) we're calling "LilacSquid." LilacSquid's victimology includes a...
7.8AI Score
Europol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other Malware
Europol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot as part of a coordinated law enforcement effort codenamed Operation Endgame. "The actions focused on disrupting...
7.2AI Score
The Ticketmaster “breach”—what you need to know
Earlier this week, a cybercriminal group posted an alleged database up for sale online which, it says, contains customer and card details of 560 million Live Nation/Ticketmaster users. The data was offered for sale on one forum under the name "Shiny Hunters". ShinyHunters is the online handle for...
7.3AI Score
U.S. Dismantles World's Largest 911 S5 Botnet with 19 Million Infected Devices
The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses. The botnet, which has a global...
7.5AI Score
Nautobot is vulnerable to Improper Authorization. The vulnerability is due to Nautobot failing to restrict Dynamic Group member listings based on member object permissions, allowing users to view all objects in a Dynamic Group regardless of their specific...
6.3CVSS
7AI Score
0.0004EPSS
Cross-site Request Forgery (CSRF)
sylius/resource-bundle is vulnerable to a Cross-Site Request Forgery. The vulnerability is due to the absence of proper validation and insufficient CSRF protection for actions such as marking order payments or product reviews in the AdminBundle and ResourceBundle. This allows attackers to...
7AI Score
Cross-site Request Forgery (CSRF)
sylius/admin-bundle is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the absence of a CSRF token requirement in several administrative actions, such as marking order payments as completed or refunded, and marking product reviews as accepted or rejected. This flaw...
7.1AI Score
8.8CVSS
7.5AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1732)
The remote host is missing an update for the Huawei...
8CVSS
7.1AI Score
0.05EPSS
Advanced Custom Fields < 6.3 - Contributor+ Custom Field Access
Description The plugin allows you to display custom field values for any post via shortcode without checking for the correct access PoC 1. ADMIN: Install Advanced Custom Fields (or ACF Pro) 2. ADMIN: Create a new field group for posts and add a field to that 3. ADMIN: Fill in content for posts...
9.3AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1721)
The remote host is missing an update for the Huawei...
8CVSS
7.1AI Score
0.05EPSS
chromium -- multiple security fixes
Chrome Releases reports: This update includes 11 security fixes: [339877165] High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-05-11 [338071106] High CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01 [338103465] High...
7.5AI Score
0.0004EPSS
Stable Channel Update for Desktop
The Stable channel has been updated to 125.0.6422.141/.142 for Windows, Mac and 125.0.6422.141 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
7.3AI Score
0.0004EPSS
Advanced Custom Fields < 6.3 - Contributor+ Custom Field Access
Description The plugin allows you to display custom field values for any post via shortcode without checking for the correct...
9.5AI Score
0.0004EPSS
Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects
Impact What kind of vulnerability is it? Who is impacted? A user with permissions to view Dynamic Group records (extras.view_dynamicgroup permission) can use the Dynamic Group detail UI view (/extras/dynamic-groups/<uuid>/) and/or the members REST API view...
6.3CVSS
7AI Score
0.0004EPSS
Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects
Impact What kind of vulnerability is it? Who is impacted? A user with permissions to view Dynamic Group records (extras.view_dynamicgroup permission) can use the Dynamic Group detail UI view (/extras/dynamic-groups/<uuid>/) and/or the members REST API view...
6.3CVSS
6.5AI Score
0.0004EPSS
Cisco Talos' Vulnerability Research team has helped to disclose and patch more than 20 vulnerabilities over the past three weeks, including two in the popular Adobe Acrobat Reader software. Acrobat, one of the most popular PDF readers currently available, contains two out-of-bounds read...
9.8CVSS
9.8AI Score
0.001EPSS
U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams
The U.S. Department of Justice (DoJ) has sentenced a 31-year-old man to 10 years in prison for laundering more than $4.5 million through business email compromise (BEC) schemes and romance scams. Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in...
7.2AI Score
New Research Warns About Weak Offboarding Management and Insider Risks
A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. Employee offboarding is typically seen as a routine administrative task, but it can pose substantial...
6.9AI Score