Lucene search
K

9 matches found

Information Security Automation
Information Security Automation
added 2025/01/20 3:2 p.m.34 views

I have finalized the list of trending vulnerabilities for 2024 according to Positive Technologies

I have finalized the list of trending vulnerabilities for 2024 according to Positive Technologies. Last year, 74 vulnerabilities were classified as trending to compare the scale, just over 40,000 were added to NVD in 2024. All trending vulnerabilities are found in Western commercial products and...

9.8CVSS9AI score0.99999EPSS
Exploits82
CISA
CISA
added 2023/08/29 12:0 p.m.60 views

CISA Releases IOCs Associated with Malicious Barracuda Activity

CISA has released additional indicators of compromise IOCs associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway ESG Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this...

9.8CVSS10AI score0.86956EPSS
In wildExploits3References6
The Hacker News
The Hacker News
added 2023/06/15 2:56 p.m.102 views

Chinese UNC4841 Group Exploits Zero-Day Flaw in Barracuda Email Security Gateway

A suspected China-nexus threat actor dubbed UNC4841 has been linked to the exploitation of a recently patched zero-day flaw in Barracuda Email Security Gateway ESG appliances since October 2022. "UNC4841 is an espionage actor behind this wide-ranging campaign in support of the People's Republic o...

9.8CVSS9.8AI score0.86956EPSS
Exploits3
Trellix
Trellix
added 2023/06/07 12:0 a.m.181 views

The Bug Report - May 2023 Edition

The Bug Report – May 2023 Edition By Mark Bereza · June 7, 2023 Why am I here? In the film The Number 23, Jim Carrey masterfully portrays Walter Sparrow, a man who finds himself obsessed with the number 23 after coming upon a book detailing the 23 enigma, and begins to see it everywhere he looks,...

7.2AI score0.99284EPSS
Exploits12
ATTACKERKB
ATTACKERKB
added 2023/05/24 7:15 p.m.57 views

CVE-2023-2868

A remote command injection vulnerability exists in the Barracuda Email Security Gateway appliance form factor only product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file tape archives. The vulnerability ste...

9.8CVSS7.5AI score0.98975EPSS
In wildExploits22References4Affected Software1
NVD
NVD
added 2023/05/24 7:15 p.m.25 views

CVE-2023-2868

A remote command injection vulnerability exists in the Barracuda Email Security Gateway appliance form factor only product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file tape archives. The vulnerability ste...

9.8CVSS9.8AI score0.86956EPSS
Exploits3References3
Prion
Prion
added 2023/05/24 7:15 p.m.26 views

Command injection

A remote command injection vulnerability exists in the Barracuda Email Security Gateway appliance form factor only product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file tape archives. The vulnerability ste...

7.5CVSS9.7AI score0.86956EPSS
Exploits3References2Affected Software5
Vulnrichment
Vulnrichment
added 2023/05/24 6:0 p.m.5 views

CVE-2023-2868 Remote Code injection in Barracuda Email Security Gateway

A remote command injection vulnerability exists in the Barracuda Email Security Gateway appliance form factor only product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file tape archives. The vulnerability ste...

9.4CVSS7.5AI score0.86956EPSS
Exploits3References2
CVE
CVE
added 2023/05/24 6:0 p.m.1126 views

CVE-2023-2868

CVE-2023-2868 affects Barracuda Email Security Gateway (ESG) Appliance versions 5.1.3.001–9.2.0.006. It is due to incomplete sanitization of a user-supplied .tar archive, enabling remote command execution via Perl's qx with the appliance privileges. Barracuda fixed it in patch BNSF-36456 (auto-ap...

9.8CVSS9.7AI score0.86956EPSS
In wildExploits3References3Affected Software1
Rows per page
Query Builder