SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike
In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts...
6.9AI Score
Amazon Linux 2023 : flatpak, flatpak-devel, flatpak-libs (ALAS2023-2024-611)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-611 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app...
8.4CVSS
8.2AI Score
0.0004EPSS
RHEL 6 : httpd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813) In Apache httpd...
10AI Score
0.959EPSS
RHEL 6 : webkitgtk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution ...
10AI Score
0.961EPSS
RHEL 5 : httpd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. httpd: mod_ssl NULL pointer dereference (CVE-2017-3169) httpd: Weak Digest auth nonce generation in...
8.6AI Score
0.974EPSS
RHEL 7 : jettison (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436) Those using Jettison to parse untrusted...
8.1AI Score
0.002EPSS
RHEL 5 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c ...
8.8AI Score
EPSS
RHEL 5 : xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. xen: missing descriptor table limit checking in x86 PV emulation leading to privilege escalation ...
8.8AI Score
0.014EPSS
RHEL 6 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel: lack of port...
8.7AI Score
EPSS
RHEL 6 : mozilla (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) Mozilla:...
9.7AI Score
0.38EPSS
RHEL 7 : xstream (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. XStream: allow a remote attacker to load and execute arbitrary code from a remote host only by ...
9.2AI Score
0.901EPSS
CVE-2024-4129 Authentication bypass in Snow License Manager
Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows a networked attacker to perform an Authentication Bypass if Active Directory Authentication is enabled.This issue affects Snow License Manager: from 9.33.2 through...
8.8CVSS
8.9AI Score
0.0004EPSS
The Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's text effect widget in all versions up to, and including, 1.1.37 due to insufficient input sanitization.....
6.4CVSS
5.8AI Score
0.0004EPSS
The Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's text effect widget in all versions up to, and including, 1.1.37 due to insufficient input sanitization.....
6.4CVSS
6AI Score
0.0004EPSS
A new alert system from CISA seems to be effective — now we just need companies to sign up
One of the great cybersecurity challenges organizations currently face, especially smaller ones, is that they don't know what they don't know. It's tough to have your eyes on everything all the time, especially with so many pieces of software running and IoT devices extending the reach of networks....
9.8CVSS
8.9AI Score
0.001EPSS
Pipedream ICS malware toolkit is a nightmare
TL;DR Malware toolkit specifically designed for attacking ICS Modular and framework based Main features are enumeration, Modbus comms, and HTTP interactions Operational Technology (OT) network breaches are often due to connected Windows devices Off-network compromise assessments give a strategic...
7.6AI Score
7.4AI Score
EPSS
SUSE SLES15 Security Update : flatpak (SUSE-SU-2024:1547-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1547-1 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9,...
8.4CVSS
7.5AI Score
0.0004EPSS
SUSE SLES12 Security Update : flatpak (SUSE-SU-2024:1548-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1548-1 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9,...
8.4CVSS
7.5AI Score
0.0004EPSS
SUSE SLES15 Security Update : flatpak (SUSE-SU-2024:1535-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1535-1 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9,...
8.4CVSS
7.5AI Score
0.0004EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : flatpak (SUSE-SU-2024:1536-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1536-1 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux....
8.4CVSS
7.5AI Score
0.0004EPSS
7.4AI Score
Description The Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's text effect widget in all versions up to, and including, 1.1.37 due to insufficient input...
6.4CVSS
5.9AI Score
0.0004EPSS
Fedora 38 : stalld (2024-a047b1ca2d)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-a047b1ca2d advisory. address issues found in Static Application Security testing Fix a service startup issue Fix file open issue when kernel lockdown is in effect ...
7.2AI Score
Fedora 39 : stalld (2024-9205c35b11)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9205c35b11 advisory. address issues found in Static Application Security testing Fix a service startup issue Fix file open issue when kernel lockdown is in effect ...
7.2AI Score
Fedora 40 : stalld (2024-d198253c42)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-d198253c42 advisory. address issues found in Static Application Security testing Fix a service startup issue Fix file open issue when kernel lockdown is in effect ...
7.2AI Score
What can we learn from the passwords used in brute-force attacks?
Brute force attacks are one of the most elementary cyber threats out there. Technically, anyone with a keyboard and some free time could launch one of them -- just try a bunch of different username and password combinations on the website of your choice until you get blocked. Nick Biasini and I...
7.6AI Score
Introducing Artifact Attestations–now in public beta
June 25, 2024 update: Artifact Attestations is now generally available! Get started today. There’s an increasing need across enterprises and the open source ecosystem to have a verifiable way to link software artifacts back to their source code and build instructions. And with more than 100M...
6.3AI Score
Watch out for tech support scams lurking in sponsored search results
This blog post was written based on research carried out by Jérôme Segura. A campaign using sponsored search results is targeting home users and taking them to tech support scams. Sponsored search results are the ones that are listed at the top of search results and are labelled "Sponsored"....
7.2AI Score
The UK is the first country to ban default passwords on IoT devices. On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted. The Product Security and...
7.3AI Score
Universal Forwarder 8.2.0 < 8.2.12, 9.0.0 < 9.0.6, 9.1.0 < 9.1.1 (SVD-2023-0809)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0809 advisory. Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap...
9.8CVSS
8.8AI Score
0.1EPSS
[8.2.0-11] - kvm-coroutine-cap-per-thread-local-pool-size.patch [RHEL-28947] - kvm-coroutine-reserve-5-000-mappings.patch [RHEL-28947] - Resolves: RHEL-28947 (Qemu crashing with 'failed to set up stack guard page: Cannot allocate memory') [8.2.0-10] -...
7CVSS
7.8AI Score
0.002EPSS
Splunk Enterprise 8.2.0 < 8.2.12, 9.0.0 < 9.0.6, 9.1.0 < 9.1.1 (SVD-2023-0808)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0808 advisory. decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. (CVE-2022-38900) The got package...
9.8CVSS
9AI Score
0.1EPSS
Exploit for Use After Free in Linux Linux Kernel
CVE-2024-1086 Universal local privilege escalation...
7.8CVSS
7.9AI Score
0.002EPSS
FBI warns online daters to avoid “free” online verification schemes that prove costly
The FBI has warned of fraudsters targeting users of dating websites and apps with “free” online verification service schemes that turn out to be very costly. Instead of being free, as advertised, the verification schemes involve steep monthly subscription fees, and will steal personal information.....
6.9AI Score
Fedora 40 : flatpak (2024-43ea98691e)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-43ea98691e advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and...
8.4CVSS
7.9AI Score
0.0004EPSS
The Anatomy of HTML Attachment Phishing
The Anatomy of HTML Attachment Phishing: One Code, Many Variants By Mathanraj Thangaraju, Niranjan Hegde, and Sijo Jacob · June 14, 2023 Introduction Phishing is the malevolent practise of pretending to be a reliable entity in electronic communication to steal sensitive data, such as login...
7.4AI Score
CentOS 9 : openssl-3.0.7-25.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the openssl-3.0.7-25.el9 build changelog. Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are...
7.5CVSS
7.7AI Score
0.004EPSS
The Rise of Large-Language-Model Optimization
The web has become so interwoven with everyday life that it is easy to forget what an extraordinary accomplishment and treasure it is. In just a few decades, much of human knowledge has been collectively written up and made available to anyone with an internet connection. But all of this is coming....
6.7AI Score
OpenMetadata vulnerable to a SpEL Injection in `PUT /api/v1/events/subscriptions` (`GHSL-2023-251`)
SpEL Injection in PUT /api/v1/events/subscriptions (GHSL-2023-251) Please note, only authenticated users have access to PUT / POST APIS for /api/v1/policies. Non authenticated users will not be able to access these APIs to exploit the vulnerability. A user must exist in OpenMetadata and have...
8.8CVSS
8AI Score
0.0004EPSS