Lucene search
K

2294 matches found

The Hacker News
The Hacker News
added 2023/12/15 2:17 p.m.60 views

New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks

A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon. Dubbed KV-botnet by the Black Lotus Labs team at Lumen...

9.8CVSS9.5AI score0.85689EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2023/12/11 12:0 a.m.14 views

HTTP NTLM Information Disclosure

Windows New Technology LAN Manager NTLM is a suite of Microsoft security protocols designed to offer authentication, integrity and confidentiality to users. In Windows environments, NTLM authentication is often supported over HTTP in order to protect access to specific resources. During the...

7.2AI score
Exploits0References2
Prion
Prion
added 2023/12/07 6:15 a.m.13 views

Directory traversal

An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote system...

5CVSS7.1AI score0.01311EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/12/07 12:0 a.m.5 views

CVE-2023-46307

An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote system...

7.4AI score0.01311EPSS
Exploits0References4
CVE
CVE
added 2023/12/07 12:0 a.m.60 views

CVE-2023-46307

Summary: CVE-2023-46307 affects etcd-browser (build 87ae63d75260). The vulnerability is in server.js and enables a directory traversal by supplying a /../../../ path in the URL in a remote-connection context, allowing retrieval of local operating system files on the remote system. Impact: potenti...

7.5CVSS7.8AI score0.01311EPSS
Exploits0References4Affected Software1
Amazon
Amazon
added 2023/12/04 12:0 a.m.30 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...

8.6CVSS8.2AI score0.04012EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/11/29 5:7 a.m.74 views

GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that's capable of remotely commandeering the infected hosts. The attacks involve th...

10CVSS8.1AI score0.99654EPSS
Exploits31
Tenable Nessus
Tenable Nessus
added 2023/11/25 12:0 a.m.22 views

GLSA-202311-12 : MiniDLNA: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202311-12 MiniDLNA: Multiple Vulnerabilities - A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files. CVE-2022-26505 - ReadyMedia MiniDLNA versions from 1.1.15 up t...

9.8CVSS7.8AI score0.02061EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.39 views

Rocky Linux 8 : squid:4 (RLSA-2021:4292)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4292 advisory. - An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a...

7.5CVSS6.8AI score0.95785EPSS
Exploits5References15
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/06 2:17 p.m.44 views

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2023-31122)

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

7.5CVSS7.5AI score0.02978EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/10/31 2:42 a.m.4 views

SUSE CVE-2017-7488

Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames...

4.3CVSS6.8AI score0.01445EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/30 8:55 p.m.59 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server

Summary IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin CVE-2023-39976, CVE-2023-40373, CVE-2023-40372, CVE-2023-30987, CVE-2023-38719, CVE-2023-38740, CVE-2023-30991, CVE-2023-38720,...

9.8CVSS7.7AI score0.02474EPSS
Exploits1Affected Software1
OSV
OSV
added 2023/10/15 7:15 p.m.5 views

CVE-2023-38312

A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client with remote control access to a game server to read arbitrary files from the underlying server via the motdfile console variable...

7.5CVSS5.9AI score0.00766EPSS
Exploits0References1
Snyk
Snyk
added 2023/10/11 9:0 p.m.2 views

Malicious Package

Overview ZendeskApi.Client.V2 is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's...

9.8CVSS7.4AI score
Exploits0References2
Snyk
Snyk
added 2023/10/11 9:0 p.m.2 views

Malicious Package

Overview Kraken.Exchange is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine,...

9.8CVSS7.4AI score
Exploits0References2
Snyk
Snyk
added 2023/10/11 9:0 p.m.1 views

Malicious Package

Overview Pathoschild.Stardew.Mod.BuildConfig is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on t...

9.8CVSS7.4AI score
Exploits0References2
Snyk
Snyk
added 2023/10/11 9:0 p.m.3 views

Malicious Package

Overview SolanaWallet is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine, al...

9.8CVSS7.4AI score
Exploits0References2
Snyk
Snyk
added 2023/10/11 9:0 p.m.2 views

Malicious Package

Overview IAmRoot is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine, all whi...

9.8CVSS7.4AI score
Exploits0References2
Snyk
Snyk
added 2023/10/11 9:0 p.m.1 views

Malicious Package

Overview Monero is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine, all whil...

9.8CVSS7.4AI score
Exploits0References2
Snyk
Snyk
added 2023/10/11 9:0 p.m.2 views

Malicious Package

Overview DiscordsRpc is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine, all...

9.8CVSS7.4AI score
Exploits0References2
Rows per page
Query Builder