(RHSA-2024:1570) Important: ACS 4.4 enhancement and security update
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. This release includes the following features and updates: New Compliance capabilities (Technology Preview) Network graph enhancements for internal entities Build-time...
AI Score 7.6, EPSS 0.963
Virtuozzo Hybrid Infrastructure 6.1 (6.1.0-238)
In this release, Virtuozzo Hybrid Infrastructure introduces a new service---Backup and Restore as a Service---as well as provides a range of new features that cover improvements in the compute services and object storage. Additionally, this release delivers stability and security improvements, and....
AI Score 7.3
Issue Overview: A flaw was found in squid. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements...
CVSS 9.3, AI Score 7.4, EPSS 0.034
Summary APM WebSphere Application Server Agent, APM Tomcat Agent, APM SAP NetWeaver Java Stack Agent, APM WebLogic Agent and APM Data Collector for J2SE are vulnerable to okio-1.13.0.jar CVE-2023-3635. The workaround includes okio-1.13.0.jar upgraded to okio-3.5.0.jar. Vulnerability Details **...
CVSS 7.5, AI Score 7.4, EPSS 0.001
A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, the leak is triggered when the Vert.x HTTP client establishes connections to different hosts. The leak can be accelerated with intimate runtime knowledge,.....
CVSS 6.5, AI Score 6.3, EPSS 0.0004
Sharepoint Dynamic Proxy Generator Remote Command Execution Exploit
This Metasploit module exploits two vulnerabilities in Sharepoint 2019 - an authentication bypass as noted in CVE-2023-29357 which was patched in June of 2023 and CVE-2023-24955 which was a remote command execution vulnerability patched in May of 2023. The authentication bypass allows attackers to....
CVSS 9.8, AI Score 8.1, EPSS 0.89
WP Staging (Free < 3.4.0, Pro < 5.4.0) - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. Go to "WP Staging > Backup ...
AI Score 4.9, EPSS 0.0004
The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such...
AI Score 6.1, EPSS 0.0004
CVE-2023-7232 Backup and Restore WordPress <= 1.45 - Unauthenticated Sensitive Data Exposure
The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such...
AI Score 6.3, EPSS 0.0004
When an existing standalone deployment of Veeam Agent for Windows is added to a protection group it is switched to managed mode, but the autorun entry remains in the...
AI Score 7
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev It could be the lag dev is null so stop processing the event. In bond_enslave() the active/backup slave being set before setting the upper dev so first event is without an upper dev....
CVSS 5.5, AI Score 5.3, EPSS 0.0004
CVE-2021-47164 net/mlx5e: Fix null deref accessing lag dev
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev It could be the lag dev is null so stop processing the event. In bond_enslave() the active/backup slave being set before setting the upper dev so first event is without an upper dev....
AI Score 6.8, EPSS 0.0004
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Improper Privilege Management vulnerability in openEuler migration-tools on Linux allows Command Injection, Restful Privilege Elevation. This vulnerability is associated with program files...
CVSS 8.1, AI Score 8.2, EPSS 0.0004
CVE-2024-24892 Unauthorized RCE in migration-tools
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Improper Privilege Management vulnerability in openEuler migration-tools on Linux allows Command Injection, Restful Privilege Elevation. This vulnerability is associated with program files...
CVSS 8.1, AI Score 8.4, EPSS 0.0004
Everest Backup < 2.2.5 - Admin+ Arbitrary File Upload
Description The plugin does not properly validate backup files to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup) PoC 1. Go to the plugin setting and in the "Restore" section...
AI Score 9.3, EPSS 0.0004
Grav File Upload Path Traversal
Summary Grav is vulnerable to a file upload path traversal vulnerability, that can allow an adversary to replace or create files with extensions such as .json, .zip, .css, .gif, etc. This vulnerability can allow attackers to inject arbitrary code on the server, undermine integrity of backup files.....
CVSS 8.8, AI Score 9.4, EPSS 0.0004
WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF
WordPress Automatic plugin <3.92.1 is vulnerable to unauthenticated Arbitrary File Download and SSRF. The flaw, located in the downloader.php file, could permit attackers to download any file from a site. Sensitive data, including login credentials and backup files, could fall into the wrong hands. This...
CVSS 9.9, AI Score 6.7, EPSS 0.001
Implementing Zero Trust Controls for Compliance
The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network...
AI Score 7.1
Cross Tenant Microsoft 365 Migration
By Uzair Amir With the massive adoption of Microsoft 365, encountering complex environments involving multiple tenants is becoming increasingly common. This is a post from HackRead.com Read the original post: Cross Tenant Microsoft 365...
AI Score 7.3
Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical security flaw poses....
CVSS 8.8, AI Score 7.3, EPSS 0.0004
CVE-2024-27921 Grav File Upload Path Traversal vulnerability
Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical security flaw poses....
CVSS 8.8, AI Score 9.1, EPSS 0.0004
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 11, 2024 to March 17, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 163 vulnerabilities disclosed in 126...
CVSS 10, AI Score 10, EPSS 0.001
Summary Multiple vulnerabilities exist in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Manager IP Edition. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850 Vulnerability Details ** CVEID:...
CVSS 7.5, AI Score 6.8, EPSS 0.001
Making Sense of Operational Technology Attacks: The Past, Present, and Future
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would...
AI Score 7.2
An access control issue in Dreamer CMS v4.0.1 allows attackers to download backup files and leak sensitive...
AI Score 6.4, EPSS 0.0004
Security Bulletin: Apache Derby affects IBM Spectrum Control [CVE-2022-46337]
Summary Apache Derby might allow a remote attacker to bypass security restrictions caused by an LDAP injection vulnerability in the authenticator. This vulnerability affects IBM Spectrum Control. This bulletin identifies the steps to take to mitigate the vulnerability. Vulnerability Details **...
CVSS 9.8, AI Score 6.6, EPSS 0.002
(RHSA-2024:1433) Moderate: Migration Toolkit for Applications security and bug fix update
Migration Toolkit for Applications 7.0.2 Images Security Fix(es) from Bugzilla: golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s)...
AI Score 7.4, EPSS 0.963
Navigating Evolving Cybersecurity: Recent Trends and Future Outlook
"Those who fail to learn from history are doomed to repeat it." - Winston Churchill. While Churchill may not have been the first person to use a variation of this quote, the essence of its meaning rang true then and still does today. In this spirit, and so that we may collectively learn and evolve.....
AI Score 7.5
The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain sensitive...
AI Score 9.1, EPSS 0.0004
CVE-2023-7236 Backup Bolt <= 1.3.0 - Sensitive Data Exposure
The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain sensitive...
AI Score 6.3, EPSS 0.0004
Gaining kernel code execution on an MTE-enabled Pixel 8
In this post, I'll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported to Arm on November 15, 2023 and that was fixed in the Arm Mali driver version r47p0, which was released publicly on December 14, 2023. It was fixed in Android in the March security update. When exploited, this....
AI Score 7.9, EPSS 0.0004
BackWPup < 4.0.4 - Unauthenticated Backup Download
Description The plugin does not prevent visitors from leaking key information about ongoing backups, allowing unauthenticated attackers to download backups of a site's database. PoC 1) Ensure that Apache is configured with the ability to list directory content. 2) When this is done, you can see...
AI Score 6.2, EPSS 0.0004
Amazon Linux 2 : squid (ALAS-2024-2500)
The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2500 advisory. Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to...
CVSS 8.6, AI Score 6.7, EPSS 0.015
Backuply – Backup, Restore, Migrate and Clone < 1.2.8 - Admin+ Directory Traversal
Description The Backuply – Backup, Restore, Migrate and Clone plugin is vulnerable to Directory Traversal via the backup_name parameter in the backuply_download_backup...
CVSS 4.9, AI Score 6.8, EPSS 0.0004