K000138693 : Linux kernel vulnerabilities CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208
Security Advisory Description CVE-2023-4206 A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation. When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new...
7.8CVSS
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...
7.1CVSS
6.3AI Score
0.0004EPSS
SonicWall SonicOS Buffer Overflow (SNWLID-2022-0003)
According to its self-reported version, the remote SonicWall firewall is running a version of SonicOS that is affected by a buffer overflow vulnerability. A Stack-based buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could...
9.8CVSS
10AI Score
0.004EPSS
TruRisk™️ Insights – The Story Behind a TruRisk Score
In the world of cloud and SaaS security, where risks arise not only from vulnerabilities but also from misconfigurations and various threats, the task of prioritizing and managing them becomes increasingly complex. It's not just about identifying vulnerabilities; it's also crucial to recognize and....
7.7AI Score
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 78 vulnerabilities disclosed in 63...
10CVSS
9.2AI Score
0.001EPSS
New Leak Shows Business Side of China’s APT Menace
A new data leak that appears to have come from one of China's top private cybersecurity firms provides a rare glimpse into the commercial side of China's many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign...
7.1AI Score
TinyTurla-NG in-depth tooling and command and control analysis
Cisco Talos, in cooperation with CERT.NGO, has discovered new malicious components used by the Turla APT. New findings from Talos illustrate the inner workings of the command and control (C2) scripts deployed on the compromised WordPress servers utilized in the compromise we previously disclosed......
7.8AI Score
AlmaLinux 8 : mysql:8.0 (ALSA-2024:0894)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0894 advisory. A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun....
7.5CVSS
6.2AI Score
0.002EPSS
Fortinet FortiOS and FortiProxy Out-of-Bounds Write Vulnerability
Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees from cyberattacks by combining a variety of detection technologies, such as Web filtering, DNS filtering, DLP, anti-virus,...
9.8CVSS
8.2AI Score
0.018EPSS
Oracle Linux 8 : mysql:8.0 (ELSA-2024-0894)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0894 advisory. Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and...
7.5CVSS
6.2AI Score
0.002EPSS
[updated] Vibrator virus steals your personal information
I know that some of you are expecting a post similar to that about a toothbrush botnet, but this is not a hypothetical case. It actually happened. A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a...
7.3AI Score
K000138679 : GoLang vulnerabilities CVE-2023-24540, CVE-2023-29400, and CVE-2023-29403
Security Advisory Description CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly...
9.8CVSS
8.4AI Score
0.003EPSS
K000138668 : OpenSSL vulnerability CVE-2023-6237
Security Advisory Description Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained....
5.9AI Score
0.0004EPSS
K000138650 : cURL vulnerability CVE-2023-46218
Security Advisory Description This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It...
6.5CVSS
6.9AI Score
0.001EPSS
K000138649 : GnuTLS vulnerabilities CVE-2023-5981 and CVE-2024-0553
Security Advisory Description CVE-2023-5981 A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. CVE-2024-0553 A vulnerability was found in GnuTLS. The response times...
7.5CVSS
6.8AI Score
0.008EPSS
Summary Ansible-operator and opm is used by IBM Cloud Pak for Data Scheduling as part of the Ansible operator used for installation of the Scheduler. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID: CVE-2022-23471 DESCRIPTION: **containerd.....
9.8CVSS
9AI Score
0.024EPSS
SQL Injection Vulnerability Patched in RSS Aggregator by Feedzy WordPress Plugin
🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 1st, 2024, during our second Bug Bounty...
8.8CVSS
7.8AI Score
0.0004EPSS
Astaroth, Mekotio & Ousaban abusing Google Cloud Run in LATAM-focused malware campaigns
Google Cloud Run is currently being abused in high-volume malware distribution campaigns, spreading several banking trojans such as Astaroth (aka Guildma), Mekotio and Ousaban to targets across Latin America and Europe. The volume of emails associated with these campaigns has significantly...
7AI Score
Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities
Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details ** CVEID: CVE-2023-51074 DESCRIPTION: **json-path is vulnerable to a denial of service, caused by a stack-based buffer overflow in the Criteria.parse method. By sending a...
7.8CVSS
9.9AI Score
0.024EPSS
(RHSA-2024:0894) Moderate: mysql:8.0 security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Security Fix(es): mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911) mysql: Server: DDL unspecified vulnerability (CPU Apr...
8AI Score
0.002EPSS
November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715)
November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715) UPDATED 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise, Education, IoT Enterprise, and Enterprise multi-session.....
9.8CVSS
8.2AI Score
0.57EPSS
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed...
6.5CVSS
6.3AI Score
0.0004EPSS
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed...
6.5CVSS
6.3AI Score
0.0004EPSS
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed...
6.5CVSS
7.2AI Score
0.0004EPSS
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1 and USG FLEX series firmware versions from 4.50 through 5.37 Patch 1 could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed...
6.5CVSS
6.5AI Score
0.0004EPSS
RHEL 8 : mysql:8.0 (RHSA-2024:0894)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0894 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and...
7.5CVSS
6.9AI Score
0.002EPSS
Security Advisory 0092 PDF Date: February 20, 2024 Revision | Date | Changes ---|---|--- 1.0 | February 20, 2024 | Initial release CVSSv3.1 Base Score: 9.8 (CVSS:3.1AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ) Common Weakness Enumeration: CWE-1394 Use of default cryptographic key This vulnerability is...
6.7AI Score
Moderate: mysql:8.0 security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Security Fix(es): mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911) mysql: Server: DDL unspecified vulnerability (CPU Apr 2023)...
7.5CVSS
8AI Score
0.002EPSS
Moderate: mysql:8.0 security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Security Fix(es): mysql: InnoDB unspecified vulnerability (CPU Apr 2023) (CVE-2023-21911) mysql: Server: DDL unspecified vulnerability (CPU Apr 2023)...
7.5CVSS
8AI Score
0.002EPSS
Security Advisory 0091 _._CSAF PDF Date: February 20, 2024 Revision | Date | Changes ---|---|--- 1.0 | February 20, 2024 | Initial release The CVE-ID tracking this issue: CVE-2023-6068 CVSSv3.1 Base Score: 3.1 (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N) Common Weakness Enumeration: CWE-283 Improper...
3.1CVSS
3.7AI Score
0.0004EPSS
6.9AI Score
0.0004EPSS
K000138651: c-ares vulnerability CVE-2022-4904
Security Advisory Description A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and...
8.6CVSS
6.9AI Score
0.001EPSS
9.8CVSS
7.2AI Score
0.006EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server : Security : Firewall). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...
4.4CVSS
4.5AI Score
0.0004EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server : Security : Firewall). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...
4.4CVSS
4.7AI Score
0.0004EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server : Security : Firewall). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...
4.4CVSS
4.6AI Score
0.0004EPSS
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. ...
2.6CVSS
2.2AI Score
0.0004EPSS
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. ...
2.6CVSS
2.9AI Score
0.0004EPSS
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. ...
7.5CVSS
7.1AI Score
0.0005EPSS
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. ...
7.5CVSS
7.3AI Score
0.0005EPSS
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. ...
7.5CVSS
6.9AI Score
0.0005EPSS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server : Security : Firewall). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...
4.4CVSS
5.8AI Score
0.0004EPSS
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. ...
2.6CVSS
4.8AI Score
0.0004EPSS
K000138643 : OpenSSH vulnerability CVE-2023-51767
Security Advisory Description OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat....
7CVSS
6.7AI Score
0.001EPSS
K000138640 : Perl vulnerability CVE-2023-47038
Security Advisory Description A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. (CVE-2023-47038) Impact This vulnerability could allow a local...
7.8CVSS
7.6AI Score
0.0004EPSS
K000138641 : cURL vulnerability CVE-2023-46219
Security Advisory Description When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. (CVE-2023-46219) Impact An attacker with a network position that allows...
5.3CVSS
6.3AI Score
0.001EPSS
Summary App Connect Professional has addressed the following vulnerability reported in Apache Tomcat. (CVE-2023-46589) Vulnerability Details ** CVEID: CVE-2023-46589 DESCRIPTION: **Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By...
7.5CVSS
7.9AI Score
0.005EPSS
Why We Must Democratize Cybersecurity
With breaches making the headlines on an almost weekly basis, the cybersecurity challenges we face are becoming visible not only to large enterprises, who have built security capabilities over the years, but also to small to medium businesses and the broader public. While this is creating greater.....
9.8CVSS
9.4AI Score
0.074EPSS
U.S. Government Disrupts Russia-Linked Botnet Engaged in Cyber Espionage
The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities. "These crimes included vast spear-phishing and similar credential...
9.8CVSS
9.8AI Score
0.915EPSS
RCE to Sliver: IR Tales from the Field
Rapid7 Incident Response consultants Noah Hemker, Tyler Starks, and malware analyst Tom Elkins contributed analysis and insight to this blog. Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source....
10CVSS
8.6AI Score
0.971EPSS