CVE-2021-0978

In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2020-0978

A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0923, CVE-2020-0924, CVE-2020-0925...

CVE-2013-0978

The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code...

Linux Distros Unpatched Vulnerability : CVE-2014-0978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line i...

Russian Hackers Exploit Firefox and Windows 0-Days to Deploy Backdoor

Watch out for the Russian hackers from the infamous RomRom group, also known as Storm-0978, Tropical Scorpius, or UNC2596, and their use of a custom backdoor...

RHEL 6 : graphviz (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - graphviz: stack-based buffer overflow in chkNum CVE-2014-1236 - graphviz: recursive function call in...

CVE-2024-0978

creationtimestamp| type| source ---|---|--- 2024-03-08 09:26:21+00:00| seen| https://t.me/ctinow/203169...

RHEL 7 : linux-firmware (RHSA-2024:0978)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0978 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: amd: INVD...

WordPress My Private Site Plugin <= 3.0.14 is vulnerable to Broken Access Control

Software My Private Site Type Plugin Vulnerable versions = 3.0.14 Fixed in 3.1.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-0978 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 43919902c5ab Credits Francesco Carlucci Required...

Storm-0978 unleashes PEAPOD to target Women Political Leaders

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Storm-0978, a threat actor group, utilized a new variant of the RomCom backdoor, "ROMCOM 4.0" also referred to as PEAPOD, to target attendees of the Women Political Leaders WPL Summit in Brussels. This...

Operation Rusty Flag: Azerbaijan Targeted in New Rust-Based Malware Campaign

Targets located in Azerbaijan have been singled out as part of a new campaign that's designed to deploy Rust-based malware on compromised systems. Cybersecurity firm Deep Instinct is tracking the operation under the name Operation Rusty Flag. It has not been associated with any known threat actor...

The Tale of Two Exploits - Breaking Down CVE-2023-36884 and the Infection Chain

The Tale of Two Exploits - Breaking Down CVE-2023-36884 and the Infection Chain By Trellix · August 24, 2023 This blog was written by Chintan Shah Executive Summary On July 11 2023, Microsoft released a patch fixing multiple actively exploited RCE vulnerabilities and disclosed a phishing campaign...

The Bug Report - July 2023 Edition

The Bug Report – July 2023 Edition By Trellix · August 02, 2023 This story was also written by John Dunlap. A Storm is Brewing! Why am I here? Summer is now in full swing, and our July Bug Report is similarly coming out swinging. This month comes with a red-hot list of software vulnerabilities...

The Bug Report - July 2023 Edition

The Bug Report – July 2023 Edition By Trellix · August 02, 2023 This story was also written by John Dunlap. A Storm is Brewing! Why am I here? Summer is now in full swing, and our July Bug Report is similarly coming out swinging. This month comes with a red-hot list of software vulnerabilities...

Storm-0978 actively exploited the unpatched Office zero-day

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Storm-0978 is a Russian cybercriminal group that specializes in executing sophisticated phishing campaigns. Storm-0978 was found to be engaged in a new wave of attacks, leveraging the exploitation of...

Zero-day deploys remote code execution vulnerability via Word documents

An unpatched zero-day vulnerability is currently being abused in the wild, targeting those with an interest in Ukraine. Microsoft reports that CVE-2023-36884 is tied to reports of: …a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of...

Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack

Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild. Of the 132 vulnerabilities, nine are rated Critical, 122 are rated Important in severity, and one has been...

Apple & Microsoft Patch Tuesday, July 2023 Edition

Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple...

Patch Tuesday - July 2023

Microsoft is addressing 130 vulnerabilities this July Patch Tuesday, including five zero-day vulnerabilities, and eight further critical remote code execution RCE vulnerabilities. Overall, it’s safe to say that this is a busier Patch Tuesday than the past couple of months. Note that the total cou...

Storm-0978 attacks reveal financial and espionage motives

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosu...