Spam & Virus Firewall 600 Security Vulnerabilities

Cross site scripting

Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Next...

CVE-2023-5451

Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Next...

Why it Pays to Have a Comprehensive API Security Strategy

In an era dominated by digital connectivity and rapid technological advancements, Application Programming Interfaces (APIs) play a pivotal role in facilitating seamless communication and data exchange between diverse software applications. As API usage continues to grow, so does the need for...

Security Bulletin: IBM Cloud Pak for Network Automation 2.7 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2023-24998 DESCRIPTION: **Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number of request...

Checkmk < 2.2.0p24, 2.3.x < 2.3.0b1, 2.4.x < 2.4.0b1 Privilege Escalation Vulnerability

Checkmk is prone to a privilege escalation...

openSUSE: Security Advisory for apache2 (SUSE-SU-2023:0314-1)

The remote host is missing an update for...

Windows PowerShell - Event Log Bypass Single Quote Code Execution Vulnerability

...

Windows PowerShell - Event Log Bypass Single Quote Code Execution

...

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details **...

K000138726 : Linux kernel vulnerability CVE-2023-3611

Security Advisory Description An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to...

conmon security update

conmon [2.1.3-8] - address CVE-2023-39326 [2.1.3-7] - Resolve CVE-2023-39325 [2.1.3-6] - Add ol8_baseos_latest, and ol9_baseos_latest, to Jenkinsfile [2.1.3-5] - Add systemd-devel as build requirement [2.1.3-4] - Add support ARM build [2.1.3.3] - Add OL9 support [2.1.3.2] - Update inline with...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 19, 2024 to February 25, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 83 vulnerabilities disclosed in 57 WordPress.....

CVE-2024-26608 ksmbd: fix global oob in ksmbd_nl_policy

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix global oob in ksmbd_nl_policy Similar to a reported issue (check the commit b33fb5b801c6 ("net: qualcomm: rmnet: fix global oob in rmnet_policy"), my local fuzzer finds another global out-of-bounds read for policy...

CVE-2023-51696

Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through...

CVE-2023-51696

Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through...

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in ?leanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through...

CVE-2023-51696 WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through...

CVE-2023-41165

An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.38 before 3.7.39, 3.10.0 through 3.11.26 before 3.11.27, 4.0 through 4.3.21 before 4.3.22, and 4.4.0 through 4.6.8 before 4.6.9. An administrator with write access to the SNS firewall can configure a login disclaimer...

CVE-2023-41165

An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.38 before 3.7.39, 3.10.0 through 3.11.26 before 3.11.27, 4.0 through 4.3.21 before 4.3.22, and 4.4.0 through 4.6.8 before 4.6.9. An administrator with write access to the SNS firewall can configure a login disclaimer...

Design/Logic Flaw

An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.38 before 3.7.39, 3.10.0 through 3.11.26 before 3.11.27, 4.0 through 4.3.21 before 4.3.22, and 4.4.0 through 4.6.8 before 4.6.9. An administrator with write access to the SNS firewall can configure a login disclaimer...

CentOS 9 : grafana-9.0.9-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the grafana-9.0.9-1.el9 build changelog. XSS (CVE-2021-23648) Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated...

Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak for Multicloud Management

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for Multicloud Management version 2.3 Fix Pack 8 Vulnerability Details ** CVEID: CVE-2023-25577 DESCRIPTION: **Pallets Werkzeug is vulnerable to a denial of service, caused by a flaw when parsing multipart form data with many...

Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.4.1 Vulnerability Details ** CVEID: CVE-2023-4641 DESCRIPTION: **shadow-maint shadow-utils could allow a local authenticated attacker to obtain sensitive information, caused by failing to clean the buffer used to.....

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8

Summary Third party reported 'Stored XSS' and 'CSRF' issues, Apache Tomcat, Apache ActiveMQ, CKEditor, libcURL, xmlbeans, scala-library, json-smart, jna-platform, jackson-databind, commons-io, shiro-core, commons-net, snappy-java, xercesImpl are identified as vulnerable components with multiple...

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat

In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember. The.....

Security Advisory 0093

Security Advisory 0093 _._CSAF PDF Date: February 28, 2024 Revision | Date | Changes ---|---|--- 1.0 | February 28, 2024 | Initial release The CVE-ID tracking this issue: CVE-2024-27889 CVSSv3.1 Base Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) Common Weakness Enumeration: CWE-89:...

TimbreStealer campaign targets Mexican users with financial lures

Cisco Talos has discovered a new campaign operated by a threat actor distributing a previously unknown malware we're calling "TimbreStealer." This threat actor was observed distributing TimbreStealer via a spam campaign using Mexican tax-related themes starting in at least November 2023. The...

Mitsubishi Electric Multiple Factory Automation Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-F Series Vulnerability: Insufficient Resource Pool 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote...

Exploit for OS Command Injection in Zyxel Usg Flex 100W Firmware

CVE-2022-30525 (Zyxel Firewall Remote Command Injection) A...

MikroTik RouterOS Confused Deputy (CVE-2019-3924)

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for....

K000138731 : Linux vulnerability CVE-2023-3776

Security Advisory Description A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference...

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities

Summary IBM Cognos Analytics is affected and considered vulnerable, based on current information, to vulnerabilities in Open-Source Software (OSS) components consumed by IBM Cognos Analytics. IBM Cognos Analytics has addressed the applicable CVEs by upgrading or removing the vulnerable libraries......

CVE-2024-0455

The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL...

CVE-2024-0455

The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL...

CVE-2024-0455

The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL...

Cross site request forgery (csrf)

The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL...

Latest Research Reveals Rise in API Attacks in 2023, Putting Businesses at Risk in 2024

The State of API Security in 2024 Report highlights how APIs and their increased usage are significantly changing the threat landscape. In 2023, the number of API-targeted attacks rose significantly. Attacks targeting the business logic of APIs constituted 27% of attacks in 2023, a growth of 10%...

A week in security (February 19 &#8211; February 25)

Last week on Malwarebytes Labs: Joomla! patches XSS flaws that could lead to remote code execution Update now! ConnectWise ScreenConnect vulnerability needs your attention Why ransomware gangs love using RMM tools—and how to stop them Signal to shield user phone numbers by default Vibrator virus...

CVE-2024-0455 SSRF on AWS deployed instances of AnythingLLM via /metadata

The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL...

K000138682 : libssh vulnerability CVE-2023-2283

Security Advisory Description A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepki_verify_data_signature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited....

Joomla! patches XSS flaws that could lead to remote code execution

On February 20, Joomla! posted details about four vulnerabilities it had fixed in its Content Management System (CMS), and one in the Joomla! Framework that affects the CMS. Joomla! is an open-source CMS that’s been around since 2005, and has been one of the most popular CMS platforms by market...

$2,063 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Ultimate Member WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On January 30th, 2024, shortly after the launch of our...

CVE-2024-26597

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...

CVE-2024-26597

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below: ...

CVE-2024-26597

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...

CVE-2024-26597 net: qualcomm: rmnet: fix global oob in rmnet_policy

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...

CVE-2024-26597 net: qualcomm: rmnet: fix global oob in rmnet_policy

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...

K000138695 : OpenSSL vulnerability CVE-2024-0727

Security Advisory Description Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12...

K000138704 : Multiple MySQL vulnerabilities

Security Advisory Description CVE-2024-20964 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with...