Threat Actors Increasingly Abusing GitHub for Malicious Purposes
The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points. "Using GitHub services for malicious infrastructure allows...
7.4AI Score
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to...
7.5CVSS
7.2AI Score
0.001EPSS
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to...
7.5CVSS
7.3AI Score
0.001EPSS
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default...
8.7CVSS
8.5AI Score
0.0005EPSS
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default...
8.7CVSS
8.4AI Score
0.0005EPSS
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to...
7.5CVSS
6.6AI Score
0.001EPSS
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default...
8.7CVSS
6.9AI Score
0.0005EPSS
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default...
8.7CVSS
8.6AI Score
0.0005EPSS
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to...
7.5CVSS
7.5AI Score
0.001EPSS
How to Customize Retention Options in Drop-Down for Copy Backup, Export Backup, and VeeamZIP
This article documents how to customize the retention options that are available when configuring Copy Backup, Export Backup, and...
7.1AI Score
Hotfix for Update Rollup 2 for Microsoft Azure Backup Server v3
Introduction: This article describes the improvements contained in Hotfix for Update Rollup 2 for Microsoft Azure Backup Server V3. This article also contains the installation instructions for this update. Issues that are.....
6.5AI Score
7.8CVSS
7.7AI Score
0.001EPSS
Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a...
7.2CVSS
6.9AI Score
0.003EPSS
Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a...
7.2CVSS
7AI Score
0.003EPSS
Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a...
7.2CVSS
7.1AI Score
0.003EPSS
SEC X account hacked to hawk crypto-scams
We have seen several high-profile accounts that were taken over on X (formerly Twitter) only to be used for cryptocurrency-related promotional activities, like expressing the approval of exchange-traded funds (ETFs). The latest victim in this line-up is the Securities and Exchange Commission...
7.6AI Score
Security Bulletin: AIX is vulnerable to denial of service vulnerabilities
Summary UPDATED: (Additional iFixes are now available for AIX 7.2 TL5 SP5, 7.3 TL0 SP2, 7.3 TL0 SP3, 7.3 TL1 SP1, and VIOS 3.1.3.21, 3.1.3.30, and 3.1.4.10. Both the original and new iFixes address the kernel security vulnerabilities mentioned in the bulletin, but the new iFixes also address the...
6.2CVSS
6.5AI Score
0.0004EPSS
The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by...
8.8CVSS
8.8AI Score
0.001EPSS
The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by...
8.8CVSS
8.2AI Score
0.001EPSS
Cross-site request forgery (CSRF)
The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by...
8.8CVSS
7.8AI Score
0.001EPSS
The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by...
7.8CVSS
9.2AI Score
0.001EPSS
WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1869. WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability. January 10, 2024. CVE Number: CVE-2023-47171. Summary: An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN...
6.5CVSS
7AI Score
0.0005EPSS
Microsoft .NET Framework Multiple Vulnerabilities (KB5034273)
This host is missing an important security update according to Microsoft...
9.8CVSS
9.6AI Score
0.001EPSS
Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path authentication via a crafted change from a local path to a UNC path. It allows administrators to configure the backup location of the database used by the application. Attempting to change this location to a...
7.1AI Score
0.003EPSS
Microsoft .NET Framework Multiple Vulnerabilities (KB5034275)
This host is missing an important security update according to Microsoft...
9.8CVSS
9.6AI Score
0.001EPSS
Microsoft .NET Framework Multiple Vulnerabilities (KB5034274)
This host is missing an important security update according to Microsoft...
9.8CVSS
9.6AI Score
0.001EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : tar (SUSE-SU-2024:0070-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0070-1 advisory. It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker...
7.3AI Score
0.0004EPSS
Microsoft .NET Framework Multiple Vulnerabilities (KB5033920)
This host is missing an important security update according to Microsoft...
9.8CVSS
9.6AI Score
0.001EPSS
Microsoft .NET Framework Multiple Vulnerabilities (KB5034276)
This host is missing an important security update according to Microsoft...
9.8CVSS
9.6AI Score
0.001EPSS
What Is Cloud Data Protection?
A Deep Dive into the Cosmic Universe of Information Safeguarding: An Exhaustive Examination of Distributed Data Security. As the virtual dominions continue to propagate at a phenomenal pace, the totality of data we generate daily scales new zeniths. We see ourselves increasingly relying on 'online.....
6.6AI Score
Qualys offers a holistic risk-based approach to securing modern cloud workloads. Over the past three years, Qualys has had a strong collaboration with Microsoft, with Qualys providing the vulnerability assessment engine for Microsoft Defender for Cloud, covering infrastructure and container...
7.6AI Score
Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager
A security flaw has been disclosed in Kyocera's Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems. "This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to...
9.8CVSS
8.6AI Score
0.058EPSS
New decryptor for Babuk Tortilla ransomware variant released
Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat actor. Cisco Talos shared the key with our peers at Avast for inclusion in the Avast Babuk decryptor....
7.3AI Score
Amazon Linux 2 : squid (ALAS-2024-2382)
The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2382 advisory. Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe...
5.3CVSS
7.6AI Score
0.0004EPSS
Amazon Linux AMI : squid (ALAS-2024-1901)
The version of squid installed on the remote host is prior to 3.5.20-17.53. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1901 advisory. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable...
8.6CVSS
6.3AI Score
0.015EPSS
Amazon Linux 2 : squid (ALAS-2024-2381)
The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2381 advisory. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value...
8.6CVSS
6.3AI Score
0.019EPSS
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup – Fastest WordPress Migration & Duplicator. This issue affects FastDup – Fastest WordPress Migration & Duplicator: from n/a through...
7.5CVSS
6AI Score
0.001EPSS
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup – Fastest WordPress Migration & Duplicator. This issue affects FastDup – Fastest WordPress Migration & Duplicator: from n/a through...
7.5CVSS
7.6AI Score
0.001EPSS
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup – Fastest WordPress Migration & Duplicator. This issue affects FastDup – Fastest WordPress Migration & Duplicator: from n/a through...
7.5CVSS
7.1AI Score
0.001EPSS
CVE-2023-51406 WordPress FastDup Plugin <= 2.1.7 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup – Fastest WordPress Migration & Duplicator. This issue affects FastDup – Fastest WordPress Migration & Duplicator: from n/a through...
5.3CVSS
7.7AI Score
0.001EPSS
The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup information, which is stored at a publicly accessible, statically defined file...
7.5CVSS
7.6AI Score
0.001EPSS
The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup information, which is stored at a publicly accessible, statically defined file...
7.5CVSS
7.6AI Score
0.001EPSS
The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup information, which is stored at a publicly accessible, statically defined file...
7.5CVSS
6.9AI Score
0.001EPSS
CVE-2023-6750 Clone < 2.4.3 - Unauthenticated Backup Download
The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup information, which is stored at a publicly accessible, statically defined file...
7.7AI Score
0.001EPSS
Siemens SCALANCE Use of Weak Hash (CVE-2023-44319)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
4.9CVSS
7.1AI Score
0.001EPSS
Siemens SCALANCE Use of Hard-coded Cryptographic Key (CVE-2023-44318)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
4.9CVSS
5.9AI Score
0.001EPSS
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on...
7.8CVSS
7AI Score
0.0004EPSS
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on...
7.8CVSS
7.4AI Score
0.0004EPSS
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on...
7.8CVSS
7.3AI Score
0.0004EPSS
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on...
7.8CVSS
5.2AI Score
0.0004EPSS