How Attackers Can Own a Business Without Touching the Endpoint
Attackers are increasingly making use of "networkless" attack techniques targeting cloud apps and identities. Here's how attackers can (and do) compromise organizations – without ever needing to touch the endpoint or conventional networked systems and services. Before getting into the details...
AI Score 7.5
Summary The IBM® Engineering System Design Rhapsody 9.0.1 iFix006 and IBM® Engineering System Design Rhapsody 9.0.2 iFix002 contain fixes for issues identified as vulnerabilities during an OSS scan. These versions contain upgraded versions of guava-28.0-jre.jar (CVE-2020-8908), httpclient-4.0.jar...
CVSS 9.8 | AI Score 8.1 | EPSS 0.129
Description The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the form_save_action() function in all versions up to, and including, 3.1.5. This makes it...
CVSS 8.8 | AI Score 6.9 | EPSS 0.001
Improper Validation in the User Profile Metadata - ownCloud
Improper Validation in the User Profile Metadata may allow an authenticated attacker to edit their own profile in a way that consumes a substantial amount of resources, creating a Denial of...
AI Score 6.8
Improper Validation in the User's Avatar Mechanism - ownCloud
Improper Validation in the User’s Avatar Mechanism may allow an authenticated attacker to edit their own profile in a way that consumes a substantial amount of resources, creating a Denial of...
AI Score 6.8
New glibc packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/aaa_glibc-solibs-2.33-i586-6_slack15.0.txz: Rebuilt. patches/packages/glibc-2.33-i586-6_slack15.0.txz: Rebuilt. This update fixes a...
AI Score 7.5 | EPSS 0.0005
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 219 vulnerabilities disclosed in 209...
AI Score 8.8
Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide
As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world. Described as one of the largest Phishing-as-a-Service (PhaaS) providers,...
AI Score 7.2
CVE-2024-3931 Totara LMS Profile check.php cross site scripting
A vulnerability was found in Totara LMS 18.0.1 Build 20231128.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/roles/check.php of the component Profile Handler. The manipulation of the argument ID Number leads to cross site scripting. The....
CVSS 3.5 | AI Score 6 | EPSS 0.0004
Slackware Linux 15.0 / current aaa_glibc-solibs Vulnerability (SSA:2024-109-01)
The version of aaa_glibc-solibs installed on the remote host is prior to 2.33 / 2.39. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-109-01 advisory. The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by...
AI Score 7.7 | EPSS 0.0005
Juniper Junos OS Vulnerability (JSA75747)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75747 advisory. A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a...
CVSS 7.5 | AI Score 7.2 | EPSS 0.001
CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping.....
AI Score 7 | EPSS 0.0004
OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal
During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may be used as lures to infect organizations. The results of the investigation have shown that the...
AI Score 7
Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tags
Summary There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. Our filter to detect and prevent the use of the javascript: URL scheme in the href attribute of an <a> tag could be bypassed with tab \t or newline \n characters between...
CVSS 7.1 | AI Score 5.9 | EPSS 0.0004
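The bypass this advisory describes comes down to a mismatch between a string filter and the browser's URL parser, which deletes ASCII tab and newline characters from an input before it ever looks at the scheme. The following is an added example written for this page, not the affected project's filter: it runs a naive "starts with javascript:" check and a hardened allowlist check side by side over constructed sample hrefs (the sample values and the example.com base URL are assumptions).

```javascript
// Added example, not code from the advisory or the affected project.
// Shows why a string-match filter for "javascript:" in an <a href> is
// bypassed by tab/newline characters inside the scheme, and a hardened
// check that normalises the href the way a browser's URL parser does.
// Uses the WHATWG URL class that Node and browsers expose as a global.

// Constructed sample inputs (hypothetical, not taken from the advisory).
const SAMPLE_HREFS = [
  "https://example.com/profile",   // legitimate absolute URL
  "/members/42",                   // legitimate relative URL
  "javascript:alert(1)",           // obvious payload, caught by both filters
  "java\tscript:alert(1)",         // tab inside the scheme: bypasses the naive filter
  "java\nscript:alert(1)",         // newline inside the scheme: same
  "JaVa\tScRiPt:alert(1)",         // mixed case plus tab
];

// Weak filter: looks for the literal scheme at the start of the raw string.
// It does not know that the URL parser strips \t, \n and \r before parsing,
// so "java\tscript:" is never matched even though the browser will run it.
function naiveFilterBlocks(href) {
  return /^\s*javascript:/i.test(href);
}

// Hardened filter: let the WHATWG URL parser do the normalisation (remove
// ASCII tab/newline anywhere, trim leading/trailing C0 controls and spaces,
// lower-case the scheme), then allow only an explicit list of schemes.
// Relative hrefs are resolved against a base so they parse as well.
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:"]);

function safeHref(href, base = "https://example.com/") {
  let url;
  try {
    url = new URL(href, base);
  } catch {
    return null; // unparseable input: treat as hostile and drop the attribute
  }
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : null;
}

// Run both filters over the samples; `hardened` is null when the href is rejected.
function compareFilters(hrefs = SAMPLE_HREFS) {
  return hrefs.map((href) => ({
    href,
    naiveBlocked: naiveFilterBlocks(href),
    hardened: safeHref(href),
  }));
}

for (const row of compareFilters()) {
  console.log(JSON.stringify(row));
}
```

The rows for the tab and newline variants show the naive filter letting the value through while the hardened check returns null. Two points of design matter here: the check must run on the normalised URL (or, as above, on the parsed scheme), not on the raw attribute string; and it should be an allowlist of schemes rather than a denylist of one, since the same trick applies to any blocked scheme. If the sanitiser operates on serialised HTML rather than on attribute values, character references such as a numeric-entity tab are decoded by the HTML parser before the URL parser sees the value, so they need to be decoded before this check as well.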
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6725-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6725-2 advisory. An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and...
CVSS 9.8 | AI Score 7.4
Ubuntu 20.04 LTS : Linux kernel (IoT) vulnerabilities (USN-6726-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6726-2 advisory. Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them...
CVSS 7.8 | AI Score 7.9
Ubuntu 20.04 LTS : Linux kernel (Xilinx ZynqMP) vulnerabilities (USN-6726-3)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6726-3 advisory. Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them...
CVSS 7.8 | AI Score 7.9
FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations
The U.S. Federal Trade Commission (FTC) has barred mental telehealth company Cerebral from using or disclosing personal medical data for advertising purposes. It has also fined the company more than $7 million over charges that it revealed users' sensitive personal health information and other data to...
AI Score 6.6
UsersWP < 1.2.6 - Cross-Site Request Forgery
Description The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.4. This is due to missing or incorrect nonce validation on an unknown.....
CVSS 5.4 | AI Score 6.5 | EPSS 0.0004
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft. This POC code is built for using this new BITB with Evilginx, and a Microsoft Enterprise phishlet. Before diving deep into this, I.....
AI Score 6.7
Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution
To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to privileged identity management aims to mitigate the risks associated with prolonged high-level access by granting....
AI Score 7.3
CVE-2023-6067 WP User Profile Avatar <= 1.0.1 - Contributor+ Stored XSS
The WP User Profile Avatar WordPress plugin through 1.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
AI Score 8 | EPSS 0.0004
XWiki < 14.10.19, 15.0-rc-1 < 15.5.4, 15.6-rc-1 < 15.9-rc-1 RCE Vulnerability (GHSA-c2gg-4gq4-jv5j)
Xwiki is prone to a remote code execution (RCE) ...
CVSS 9.9 | AI Score 7.9 | EPSS 0.0004
Description The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the profile_pic_remove function in versions up to, and including, 3.1.5. This makes it...
CVSS 6.5 | AI Score 6.5 | EPSS 0.001
QIDs/CVEs When it comes to cybersecurity, speed is key to getting an edge over attackers. But when you consider that vulnerabilities are weaponized 24 days faster, on average, than they are remediated, cybersecurity stakeholders have a lot of catching up to do. While there are many ways defenders...
AI Score 7
Summary IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to a denial of service due to jose4j. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional has been published in a security bulletin. Vulnerability....
AI Score 7 | EPSS 0.0004
Concrete CMS 9.2.7 Cross Site Scripting / Open Redirect Vulnerabilities
Concrete CMS version 9.2.7 suffers from information disclosure, open redirection, and persistent cross site scripting...
AI Score 6.5
The internet is already scary enough without April Fool’s jokes
I feel like over the past several years, the "holiday" that is April Fool's Day has really died down. At this point, there are few headlines you can write that would be more ridiculous than something you'd find on a news site any day of the week. And there are so many more serious issues that are.....
AI Score 7.3
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 193 vulnerabilities disclosed in 154...
CVSS 9.9 | AI Score 9.8 | EPSS 0.082
CVE-2024-31936 WordPress UsersWP plugin < 1.2.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in AyeCode Ltd UsersWP. This issue affects UsersWP: from n/a before...
CVSS 5.4 | AI Score 5.5 | EPSS 0.0004
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
CVSS 7.5 | AI Score 7.7 | EPSS 0.963