openSUSE 15 Security Update : EternalTerminal (openSUSE-SU-2022:10185-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10185-1 advisory. A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. This is due to the combination of a race condition,...
7.5CVSS
7.4AI Score
0.003EPSS
Server-side attacks, C&C in public clouds and other MDR cases we observed
Introduction This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. The goal of the report is to inform our customers about techniques used by attackers. We hope that learning about the attacks that took place in the wild helps you.....
AI Score
Security update for EternalTerminal (important)
An update that fixes four vulnerabilities is now available. Description: This update for EternalTerminal fixes the following issues: Update to 6.2.1: CVE-2022-24949: Fixed race condition allows local attacker to hijack IPC socket (boo#1202435) CVE-2022-24950: Fixed privilege escalation to...
7.5CVSS
2.9AI Score
0.003EPSS
Security update for the Linux Kernel (important)
An update that solves 32 vulnerabilities, contains two features and has 84 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2016-3695: Fixed an issue inside the...
8.8CVSS
-0.4AI Score
0.01EPSS
0.3AI Score
0.0004EPSS
Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability
Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM...
7.8CVSS
3.6AI Score
0.001EPSS
Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel in Snapdragon...
7.8CVSS
0.0004EPSS
Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel in Snapdragon...
7.8CVSS
7.9AI Score
0.0004EPSS
Defenders beware: A case for post-ransomware investigations
Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase. In this blog, we...
0.1AI Score
Security update for the Linux Kernel (important)
An update that solves 26 vulnerabilities, contains two features and has 89 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-39190: Fixed an issue that was...
7.8CVSS
-0.1AI Score
0.01EPSS
Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a compromised kernel in Snapdragon...
7.8CVSS
8.1AI Score
0.0004EPSS
Uncommon infection and malware propagation methods
Introduction We are often asked how targets are infected with malware. Our answer is nearly always the same: (spear) phishing. There will be exceptions, naturally, as we will encounter RCE vulnerabilities every now and then, or if the attacker is already on the network, they will use tools like...
0.8AI Score
Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory...
6.4AI Score
0.0004EPSS
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple...
9.1AI Score
0.002EPSS
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple...
6.6AI Score
0.001EPSS
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple...
5.3CVSS
6.3AI Score
0.001EPSS
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple...
5.3CVSS
3.6AI Score
0.001EPSS
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple...
9.8CVSS
3.4AI Score
0.002EPSS
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple...
9.8CVSS
8.9AI Score
0.002EPSS
Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by...
5.9CVSS
5.8AI Score
0.002EPSS
The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a default password of user for the user account, and (4) a default password of guest for the guest...
6.9AI Score
0.004EPSS
The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a default password of user for the user account, and (4) a default password of guest for the guest...
6.7AI Score
0.004EPSS
WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote attackers to obtain administrative access via a TCP...
6.8AI Score
0.004EPSS
WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote attackers to obtain administrative access via a TCP...
6.6AI Score
0.004EPSS
Attacking Encrypted HTTP Communications
TL;DR The Reolink RLC-520A PoE camera obfuscates its HTTP communication by encrypting the POST body data. This level of security does defend against opportunistic attackers but falls short when defending against persistent attackers. Introduction Different embedded devices have their own take on...
-0.4AI Score
Summary: Linux Kernel, OpenSSL, Golang Go, and Zlib vulnerabilities such as obtaining sensitive information, execution of arbitrary code, denial of service, and bypassing security restrictions may affect IBM Spectrum Protect Plus. Vulnerability Details: CVEID: CVE-2022-2097 DESCRIPTION:...
9.8CVSS
10.1AI Score
0.106EPSS
Summary: Vulnerabilities in the Linux Kernel and OpenSSL such as elevation of privileges, execution of arbitrary code, denial of service, obtaining sensitive information, and buffer overflow may affect IBM Spectrum Copy Data Management. Vulnerability Details: CVEID: CVE-2022-1729 DESCRIPTION:...
9.8CVSS
9AI Score
0.106EPSS
ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot
ASoC: SOF: Intel: cnl: Do not process IPC reply before firmware boot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...
3.6AI Score
ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot
ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...
4.1AI Score
Security update for the Linux Kernel (important)
An update that solves 23 vulnerabilities, contains 5 features and has 88 fixes is now available. Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-39190: Fixed an issue that was...
7.8CVSS
-0.4AI Score
EPSS
Security update for the Linux Kernel (important)
An update that solves 25 vulnerabilities, contains four features and has 91 fixes is now available. Description: The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-39190: Fixed an issue that...
7.8CVSS
-0.3AI Score
EPSS
Security update for the Linux Kernel (important)
An update that solves 15 vulnerabilities, contains one feature and has 61 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-39190: Fixed an issue that was...
7.8CVSS
-0.5AI Score
0.002EPSS
kernel security, bug fix, and enhancement update
[4.18.0-372.26.1.0.1_6.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict...
5.5CVSS
-0.1AI Score
0.001EPSS
Exploit for Vulnerability in Google Android
Fluoride Bluetooth stack Building and running on AOSP...
9.8CVSS
-0.3AI Score
0.001EPSS
Exploit for Use After Free in Google Android
Fluoride Bluetooth stack Building and running on AOSP...
7.8CVSS
-0.3AI Score
0.0004EPSS
-0.5AI Score
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive...
6.2CVSS
6.7AI Score
0.0004EPSS
Zero-day puts a dent in Chrome's mojo
On Friday, Google announced the release of a new version of its Chrome browser that includes a security fix for a zero-day tracked as CVE-2022-3075. As with previous announcements, technical details about the vulnerability won't be released until a certain number of Chrome users have already...
8.8CVSS
0.9AI Score
0.02EPSS
Google Releases Urgent Chrome Update to Patch New Zero-Day Vulnerability
Google on Friday shipped emergency fixes to address a security vulnerability in the Chrome web browser that it said is being actively exploited in the wild. The issue, assigned the identifier CVE-2022-3075, concerns a case of insufficient data validation in Mojo, which refers to a collection of...
8.8CVSS
1.1AI Score
0.057EPSS
Security update for the Linux Kernel (important)
An update that solves 11 vulnerabilities and has 44 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. NOTE: This update has been retracted, as it has caused regressions on multiple machine types. The...
8.2CVSS
-0.4AI Score
0.006EPSS
Security update for the Linux Kernel (important)
An update that solves 10 vulnerabilities, contains one feature and has 43 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to 3.12.31 to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-29900, CVE-2022-29901:...
8.2CVSS
-0.3AI Score
0.006EPSS
Security update for the Linux Kernel (important)
An update that solves 11 vulnerabilities and has 49 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new...
8.2CVSS
-0.3AI Score
0.006EPSS
Request certificates via MS-ICPR (Active Directory Certificate Services). Depending on the certificate template's configuration the resulting certificate can be used for various operations such as authentication. PFX certificate files that are saved are encrypted with a blank password. This module....
7.4AI Score
Exploit for Path Traversal in Secureauth Impacket
CVE-2021-31800 - Impacket SMB Server Arbitrary file...
9.8CVSS
9.2AI Score
0.014EPSS