[SECURITY] [DLA 3639-1] distro-info-data database update

Debian LTS Advisory DLA-3639-1 [email protected] https://www.debian.org/lts/security/ Stefano Rivera October 30, 2023 https://wiki.debian.org/LTS Package : distro-info-data Version : 0.41+deb10u8 This is a routine update of the distro-info-data database for Debian LTS users. It includes...

CVE-2023-46149

creationtimestamp| type| source ---|---|--- 2023-10-22 02:44:12+00:00| published-proof-of-concept| https://t.me/codeb0ss/1267 2023-10-24 19:46:01+00:00| published-proof-of-concept| Telegram/WVZ9BmLdITCEGHwv5Sa3VoS7DPHcwW27tO-sX6j0-l8rvg 2023-12-20 20:29:22+00:00| seen| https://t.me/ctinow/157286...

CVE-2023-35813

creationtimestamp| type| source ---|---|--- 2023-09-26 15:23:42+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/7811 2023-12-31 05:27:05+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/6343 2024-01-01 05:39:46+00:00| seen| https://t.me/arpsyndicate/2298 2024-01-01...

CVE-2023-39677

creationtimestamp| type| source ---|---|--- 2023-09-21 00:30:43+00:00| seen| https://t.me/cibsecurity/70855 2023-09-25 06:38:16+00:00| published-proof-of-concept| https://t.me/codeb0ss/1192 2023-09-28 05:04:24+00:00| seen| Telegram/cJE2f1Ylibso8WfxExY7XnGGn9loSwHSSInb5Uh2BQYHEQ 2023-09-28...

PT-2023-8623 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions before 2.7.1 Description: The issue allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes, potentially altering details such as configuration parameters and start...

Apache Airflow 安全漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. Apache Airflow versions prior to 2.7.1 have an authorization issue vulnerability th...

PT-2023-25133 · WordPress · Woocommerce Pre-Orders

Name of the Vulnerable Software and Affected Versions: WooCommerce Pre-Orders WordPress plugin versions prior to 2.0.3 Description: The issue is related to a flawed CSRF check when processing tab actions. This could allow attackers to make logged-in admins perform unintended actions, such as...

CVE-2023-35078

creationtimestamp| type| source ---|---|--- 2023-07-25 05:48:54+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus12/2023 2023-07-25 05:55:59+00:00| seen| https://t.me/thehackernews/3640 2023-07-25 07:26:05+00:00| exploited| Telegram/qHzLqnpkQ6lkNyVJiJ3c0QdKbofQ14FsTmwbpCsMwHtLV...

CVE-2023-38646

creationtimestamp| type| source ---|---|--- 2023-07-21 18:23:35+00:00| seen| https://t.me/cibsecurity/67096 2023-07-28 08:03:20+00:00| seen| https://t.me/KomunitiSiber/561 2023-07-28 09:30:08+00:00| seen| https://t.me/thehackernews/3661 2023-07-28 09:56:43+00:00| seen|...

CVE-2023-29298

creationtimestamp| type| source ---|---|--- 2023-07-12 12:20:15+00:00| published-proof-of-concept| Telegram/LnxBMeCnuVAE5QweLhPpKzZNVyjKtx8yCZ6zDmYsY1VA 2023-07-12 17:15:14+00:00| published-proof-of-concept| https://t.me/ProgrammerTech/7305 2023-07-12 17:19:41+00:00| published-proof-of-concept|...

CVE-2023-3608

creationtimestamp| type| source ---|---|--- 2023-07-11 02:24:04+00:00| seen| https://t.me/cibsecurity/66318 2024-11-13 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-13 2024-11-14 00:00:00+00:00| exploited| The Shadowserver...

CVE-2023-21928

creationtimestamp| type| source ---|---|--- 2023-07-03 11:56:00+00:00| seen| https://www.jerrygamblin.com/2023/07/03/2023-first-half-cve-data-review/ 2024-01-03 14:41:02+00:00| seen| https://www.jerrygamblin.com/2024/01/03/2023-cve-data-review/...

CVE-2023-24488

creationtimestamp| type| source ---|---|--- 2023-07-01 17:36:04+00:00| published-proof-of-concept| Telegram/PfBDhyUlchQfTUwkRCz2h7RqM5ds-n-bVldH34W40cGxg 2023-07-01 19:39:26+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4660 2023-07-02 08:27:32+00:00| published-proof-of-concept|...

CVE-2020-23064

creationtimestamp| type| source ---|---|--- 2023-06-26 22:11:14+00:00| seen| https://t.me/cibsecurity/65528 2023-11-25 00:45:50+00:00| seen| Telegram/8ZL5qt-1oGojxv22dU4510g677lxSwyLpoTxQkV3Y42k0 2024-05-13 09:59:52+00:00| seen| https://t.me/RipperSec/1940 2024-05-13 10:01:56+00:00| seen|...

SUSE-SU-2023:2608-1 Security update for ntp

This update for ntp fixes the following issues: - CVE-2023-26555: Fixed assertion failure on malformed RT-11 dates bsc1210390...

birdmom.nizform.com Cross Site Scripting vulnerability OBB-3451592

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2015-6175

creationtimestamp| type| source ---|---|--- 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-12-24 20:31:47+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2971607 2025-02-14 10:00:29+00:00| seen| Telegram/BQbOaeuxN9r73rXKUA0chOo7SqC0lmcmtGVTQABvGVu9Ci9...

CVE-2023-3079

creationtimestamp| type| source ---|---|--- 2023-06-06 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1034 2023-06-06 11:57:59+00:00| seen| https://t.me/informationsecuritychannel/50052 2023-06-06 12:57:36+00:00| exploited|...

CVE-2023-2951

creationtimestamp| type| source ---|---|--- 2023-05-28 13:24:45+00:00| seen| https://t.me/cibsecurity/64747 2023-11-25 06:45:07+00:00| seen| https://t.me/arpsyndicate/575 2023-12-10 13:02:53+00:00| seen| https://t.me/arpsyndicate/1623...

CVE-2023-2825

creationtimestamp| type| source ---|---|--- 2023-05-24 19:32:15+00:00| seen| https://t.me/alexmakus/5008 2023-05-24 20:51:37+00:00| seen| https://t.me/BleepingComputer/16751 2023-05-24 21:02:35+00:00| seen| https://t.me/BleepingComputer/16758 2023-05-25 14:26:59+00:00| seen|...