Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data
The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has...
7.8CVSS
7.5AI Score
0.974EPSS
Summary Potential open redirect vulnerability in VMware Tanzu Spring Framework ( CVE-2024-22243) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details ** CVEID:...
8.1CVSS
6.5AI Score
0.0004EPSS
TEMU sued for being “dangerous malware” by Arkansas Attorney General
Chinese online shopping giant Temu is facing a lawsuit filed by State of Arkansas Attorney General Tim Griffin, alleging that the retailer's mobile app spies on users. “Temu purports to be an online shopping platform, but it is dangerous malware, surreptitiously granting itself access to...
7.5AI Score
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: ...
6.2CVSS
6AI Score
0.0004EPSS
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: ...
6.2CVSS
5.8AI Score
0.0004EPSS
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: ...
6.2CVSS
0.0004EPSS
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: ...
6.2CVSS
0.0004EPSS
USN-6844-1 fixed vulnerabilities in the CUPS package. The update lead to the discovery of a regression in CUPS with regards to how the cupsd daemon handles Listen configuration directive. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Rory McNamara...
7.4AI Score
Exploit for Improper Input Validation in Google Android
Exploit for CVE-2022-20186 The write up can be found...
7.8CVSS
8AI Score
0.0004EPSS
Exploit for Improper Input Validation in Google Android
Exploit for CVE-2022-20186 The write up can be found...
7.8CVSS
8AI Score
0.0004EPSS
CVE-2024-35139 IBM Security Access Manager Docker information disclosure
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: ...
6.2CVSS
5.7AI Score
0.0004EPSS
CVE-2024-35139 IBM Security Access Manager Docker information disclosure
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: ...
6.2CVSS
0.0004EPSS
CVE-2024-35137 IBM Security Access Manager Docker information disclosure
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: ...
6.2CVSS
0.0004EPSS
Etcd auth Inaccurate logging of authentication attempts for users with CN-based auth only in...
7.4AI Score
Go package github.com/notaryproject/notation configured with permissive trust policies potentially susceptible to rollback attack from compromised...
6.8CVSS
6.7AI Score
0.001EPSS
Authenticated users can crash the CubeFS servers with maliciously crafted requests in...
6.5CVSS
6.7AI Score
0.0004EPSS
Moby Docker cp broken with debian containers in github.com/moby/moby
Moby Docker cp broken with debian containers in...
9.8CVSS
6.6AI Score
0.016EPSS
SFTP is possible on the Proxy server for any user with SFTP access in...
7.2AI Score
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause excessive CPU consumption on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details.....
7.1AI Score
EPSS
Security Bulletin: Vulnerability in Pallets Werkzeug affects IBM Process Mining CVE-2024-34069
Summary There is a vulnerability in Pallets Werkzeug that could allow an attacker to gain elevated privileges on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-34069 ...
7.5CVSS
8AI Score
0.0004EPSS
3 More Plugins Infected in WordPress.org Supply Chain Attack Due to Compromised Developer Passwords
Update #1: As of 12:36PM EST, another plugin has been infected. We've updated the list below to include this fourth plugin and the plugins team has been notified. Update #2: As of 2:20 PM EST, two more plugins appear to have malicious commits, however, the releases have not officially been made...
7.1AI Score
Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s).....
8.8CVSS
8.6AI Score
0.0004EPSS
9.8CVSS
7.4AI Score
0.038EPSS
CometBFT is unstability during blocksync when syncing from malicious peer
Name: ASA-2024-008: Instability during blocksync when syncing from malicious peer Component: CometBFT Criticality: Medium (ACMv1: I:Moderate; L: Possible) Affected versions: < v0.38.7 Summary An issue was identified for nodes syncing on an existing network during blocksync in which a malicious.....
6.7AI Score
CometBFT is unstability during blocksync when syncing from malicious peer
Name: ASA-2024-008: Instability during blocksync when syncing from malicious peer Component: CometBFT Criticality: Medium (ACMv1: I:Moderate; L: Possible) Affected versions: < v0.38.7 Summary An issue was identified for nodes syncing on an existing network during blocksync in which a malicious.....
6.7AI Score
GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others
GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition...
9.6CVSS
7.3AI Score
EPSS
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can...
3.6CVSS
6.8AI Score
0.0004EPSS
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can...
3.6CVSS
0.0004EPSS
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can...
3.6CVSS
3.9AI Score
0.0004EPSS
CVE-2024-38531 Nix sandbox escape
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can...
3.6CVSS
0.0004EPSS
Summary A vulnerability in the github.com/containerd/containerd-v1.6.17 package has been addressed. Vulnerability Details ** CVEID: CVE-2023-25173 DESCRIPTION: **containerd could allow a local authenticated attacker to bypass security restrictions, caused by improper setup for supplementary...
7.8CVSS
7AI Score
0.001EPSS
Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data
Summary A vulnerability in the Go package has been addressed. Vulnerability Details ** CVEID: CVE-2023-24532 DESCRIPTION: **An unspecified error with return an incorrect result in the ScalarMult and ScalarBaseMult methods of the P256 Curve in Golang Go has an unknown impact and attack vector....
5.3CVSS
6.3AI Score
0.001EPSS
Security Bulletin: A vulnerability in setuptools affects Data Replication on Cloud Pak for Data
Summary A vulnerability in the setuptools package has been addressed. Vulnerability Details ** CVEID: CVE-2022-40897 DESCRIPTION: **Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially crafted regular expression, an remote...
5.9CVSS
6.8AI Score
0.005EPSS
Security Bulletin: A vulnerability in Go affects Data Replication on Cloud Pak for Data
Summary A vulnerability in the package Go has been addressed. Vulnerability Details ** CVEID: CVE-2022-41725 DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw when perform multipart form parsing with mime/multipart.Reader.ReadForm. By sending a specially-crafted...
7.5CVSS
6.7AI Score
0.001EPSS
Summary InfoSphere Data Replication uses the guava package. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-2976 DESCRIPTION: **Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a...
7.1CVSS
5.8AI Score
0.0004EPSS
Glastonbury ticket hijack vulnerability fixed
The Glastonbury ticket website was vulnerable to a relatively simple attack that that allowed ticket theft and data leakage. What’s the issue? An attacker could scrape collaborative ticket buying information (e.g. on Reddit) to gather people’s details, use a flaw in the registration process and...
6.8AI Score
8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining
Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware...
7.5CVSS
7.1AI Score
0.974EPSS
Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors
The modern kill chain is eluding enterprises because they aren't protecting the infrastructure of modern business: SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven't revised their security...
7.4AI Score
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour...
7.2AI Score
0.0004EPSS
New SnailLoad Attack Exploits Network Latency to Spy on Users' Web Activities
A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user's web activity. "SnailLoad exploits a bottleneck present on all Internet connections," the researchers said in a study...
7.4AI Score
The Theron Lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Button shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
6.4CVSS
0.0004EPSS
The Theron Lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Button shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
6.4CVSS
5.8AI Score
0.0004EPSS
The Scylla lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Button shortcode in all versions up to, and including, 1.8.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
6.4CVSS
0.0004EPSS
The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘galleryID’ and 'className' parameters in all versions up to, and including, 3.2.1 due to...
6.4CVSS
0.001EPSS
The Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the Social Count (Static) widget in all versions up to,.....
6.4CVSS
0.001EPSS
The Scylla lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Button shortcode in all versions up to, and including, 1.8.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
6.4CVSS
5.8AI Score
0.0004EPSS
The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘galleryID’ and 'className' parameters in all versions up to, and including, 3.2.1 due to...
6.4CVSS
5.8AI Score
0.001EPSS
The Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the Social Count (Static) widget in all versions up to,.....
6.4CVSS
5.7AI Score
0.001EPSS
The Scylla lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Button shortcode in all versions up to, and including, 1.8.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
6.4CVSS
0.0004EPSS
The Ultimate Post Kit Addons For Elementor – (Post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the Social Count (Static) widget in all versions up to,.....
6.4CVSS
0.001EPSS