WordPress Meta Data Filter & Taxonomies Filter Security Vulnerabilities

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1835)

The remote host is missing an update for the Huawei...

CVE-2024-38659

In the Linux kernel, the following vulnerability has been resolved: enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are.....

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2183-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2183-1 advisory. The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: .....

RHEL 7 : kernel (RHSA-2024:4098)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4098 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Kernel: bluetooth: Unauthorized...

Faronics WINSelect Hardcoded Credentials / Bad Permissions / Unhashed Password

...

CVE-2024-22168

A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user’s browser session to...

CVE-2024-22168

A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user’s browser session to...

CVE-2024-22168 Cross-Site Scripting (XSS) vulnerability on Western Digital My Cloud and SanDisk ibi Web Apps

A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user’s browser session to...

CVE-2024-22168 Cross-Site Scripting (XSS) vulnerability on Western Digital My Cloud and SanDisk ibi Web Apps

A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user’s browser session to...

Exploit for HTTP Request Smuggling in Apache Http Server

CVE 2023 25690 Description Some mod_proxy configurations on...

Updated python-gunicorn packages fix security vulnerability

Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's...

CVE-2024-6104

A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication...

CVE-2024-37759

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing...

CVE-2024-37759

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing...

CVE-2023-49793

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of CodeChecker store are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of....

CVE-2023-49793

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of CodeChecker store are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of....

CVE-2023-49793

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of CodeChecker store are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of....

PYSEC-2024-54

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of CodeChecker store are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of....

CVE-2023-49793 Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of CodeChecker store are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of....

CVE-2023-49793 Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of CodeChecker store are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine of....

Hacker Claims TEG Ticket Vendor Breach: 30M User Records for Sale

Hacker "Sp1d3r" claims breaching TEG, an Australian ticketing giant, exposing 30 million users' data for sale on Breach Forums for USD...

Essential Strategies to Secure Your Web Applications and APIs in a Modern Application Development World

In today’s interconnected digital world, the role of web applications and APIs has become central to business operations, acting as gateways to vast amounts of valuable data and services. However, their widespread use and accessibility make them prime targets for cybercriminals, posing substantial....

Change Healthcare confirms the customer data stolen in ransomware attack

For the first time since news broke about a ransomware attack on Change Healthcare, the company has released details about the data stolen during the attack. First, a quick refresher: On February 21, 2024, Change Healthcare experienced serious system outages due to a cyberattack. The incident led.....

Exploit for OS Command Injection in Dolibarr Dolibarr Erp/Crm

Readme.md CVE-2023-30253 CVE-2023-30253 is a...

CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`

Summary ZIP files uploaded to the server-side endpoint handling a CodeChecker store are not properly sanitized. An attacker can exercise a path traversal to make the CodeChecker server load and display files from an arbitrary location on the server machine. Details Target The vulnerable endpoint...

CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`

Summary ZIP files uploaded to the server-side endpoint handling a CodeChecker store are not properly sanitized. An attacker can exercise a path traversal to make the CodeChecker server load and display files from an arbitrary location on the server machine. Details Target The vulnerable endpoint...

CVE-2024-29510

A flaw was found in Ghostscript. The uniprint device allows the user to provide various string fragments as device options, which are later appended to the output file. Two parameters, upWriteComponentCommands and upYMoveCommand, are treated as format strings, specifically for gp_fprintf and...

Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update

Summary Identity Insight customers are advised to update IBM WebSphere Liberty Profile (WLP) to version 24.0.0.6 for security update in WLP. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) |...

Widespread Use of Rafel RAT Puts 3.9 Billion Android Devices at Risk

The new Rafel RAT is an Android malware capable of stealing data, spy on you, and even lock your phone. Keep your Android updated, download apps safely, and avoid phishing attacks to stay...

Supply Chain Attack on WordPress.org Plugins Leads to 5 Maliciously Compromised WordPress Plugins

On Monday June 24th, 2024 the Wordfence Threat Intelligence team became aware of a plugin, Social Warfare, that was injected with malicious code on June 22, 2024 based on a forum post by the WordPress.org Plugin Review team. We immediately checked the malicious file and uploaded it to our internal....

CVE-2024-33687

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...

CVE-2024-33687

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...

CVE-2024-33687

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...

CVE-2024-33687

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...

Google Introduces Project Naptime for AI-Powered Vulnerability Research

Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. "The Naptime architecture is centered around the interaction between an AI agent and a target...

Exploit for CVE-2024-29868

CVE-2024-29868: Use of Cryptographically Weak PRNG in...

Security Bulletin: IBM Watson AI Gateway for IBM Cloud Pak for Data is vulnerable to follow-redirects open redirect vulnerabilitiy [ CVE-2023-26159]

Summary Potentialfollow-redirects open redirect vulnerabilitiy [ CVE-2023-26159] have been identified that may affect IBM Watson AI Gateway for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...

3DPrint Lite < 1.9.1.5 - Arbitrary File Upload

The plugin does not have any authorisation and does not check the uploaded file in its p3dlite_handle_upload AJAX action , allowing unauthenticated users to upload arbitrary file to the web server. However, there is a .htaccess, preventing the file to be accessed on Web servers such as...

LockBit Ransomware Claims 33 TB of US Federal Reserve Data for Ransom

LockBit ransomware claims to hold 33 TB of data from the US Federal Reserve for ransom. Hackread.com investigates, reaching out to CISA for comments on the breach and ongoing negotiations. Stay...

Hfinger - Fingerprinting HTTP Requests

Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :-) Its main objective is to provide unique representations (fingerprints) of malware requests, which help in their identification. Unique means here that each fingerprint should be...

Ease the Burden with AI-Driven Threat Intelligence Reporting

_Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. _ Cybersecurity.....

XZ backdoor: Hook analysis

Part 1: XZ backdoor story – Initial analysis Part 2: Assessing the Y, and How, of the XZ Utils incident (social engineering) In our first article on the XZ backdoor, we analyzed its code from initial infection to the function hooking it performs. As we mentioned then, its initial goal was to...

Improper Access Control

studiomitte/friendlycaptcha is vulnerable to Improper Access Control. The vulnerability is due to the extension failing to check the captcha field requirement in submitted form data, which lets an attacker bypass the captcha...

A week in security (June 17 &#8211; June 23)

Last week on Malwarebytes Labs: Microsoft Recall delayed after privacy and security concerns (Almost) everything you always wanted to know about cybersecurity, but were too afraid to ask, with Tjitske de Vries: Lock and Code S05E13 43% of couples experience pressure to share logins and locations,.....

Multiple Threat Actors Deploying Open-Source Rafel RAT to Target Android Devices

Multiple threat actors, including cyber espionage groups, are employing an open-source Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it as Instagram, WhatsApp, and various e-commerce and antivirus apps. "It provides malicious actors with a....

XML External Entity (XXE)

io.github.classgraph:classgraph is vulnerable to XML External Entity (XXE). The vulnerability is due to improper handling of external entities during XML processing, which can result in XML External Entity (XXE) injection attacks that can expose sensitive data or execute malicious...

RHEL 8 : Red Hat OpenStack Platform 16.2 (RHSA-2024:4053)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4053 advisory. Affected components: * python-yaql: a library that contains a large set of commonly used functions * openstack-tripleo-heat-templates: Heat...

Adobe FrameMaker Publishing Server Authentication Bypass (CVE-2024-30299)

The Adobe FrameMaker Publishing Server running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via specially crafted messages, to access certain application...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-643)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-643 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (CVE-2024-36905) In the Linux kernel, the following...

CVE-2024-37759

DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing...