3917 matches found

BDU FSTEC
added 2024/12/04 12:0 a.m. · 5 views

The vulnerability of the sata_fsl component in the Linux operating system allows a hacker to gain elevated privileges within the system.

The vulnerability of the sata_fsl component in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

8.8 CVSS · 6.2 AI score · 0.00235 EPSS
Exploits: 0 · References: 14 · Affected Software: 3

Securelist
added 2024/11/28 10:0 a.m. · 23 views

APT trends report Q3 2024

Kaspersky's Global Research and Analysis Team (GReAT) has been releasing quarterly summaries of advanced persistent threat (APT) activity for over seven years now. Based on our threat intelligence research, these summaries offer a representative overview of what we've published and discussed in more...

7.8 CVSS · 7.5 AI score · 0.11977 EPSS
Exploits: 2

The Hacker News
added 2024/11/27 11:14 a.m. · 14 views

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign

The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google...

9.3 CVSS · 7.7 AI score · 0.01759 EPSS
Exploits: 0

NVD
added 2024/11/19 5:15 p.m. · 10 views

CVE-2024-50514

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kevin Stover Ninja Forms ninja-forms allows Stored XSS. This issue affects Ninja Forms: from n/a through <= 3.8.16...

5.9 CVSS · 0.0038 EPSS
Exploits: 0 · References: 1

OSV
added 2024/11/19 5:15 p.m. · 3 views

CVE-2024-50515

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS. This issue affects Ninja Forms: from n/a through 3.8.16...

4.8 CVSS · 5.8 AI score · 0.0038 EPSS
Exploits: 0 · References: 1

NVD
added 2024/11/19 5:15 p.m. · 15 views

CVE-2024-50515

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kevin Stover Ninja Forms ninja-forms allows Stored XSS. This issue affects Ninja Forms: from n/a through <= 3.8.16...

5.9 CVSS · 0.0038 EPSS
Exploits: 0 · References: 1

CVE
added 2024/11/19 4:32 p.m. · 86 views

CVE-2024-50514

CVE-2024-50514 affects WordPress Ninja Forms plugin versions up to and including 3.8.16, with an improper neutralization of input during page generation leading to a stored XSS vulnerability. The issue is triggered in Ninja Forms’ web page generation flow and is classified with a low to moderate ...

5.9 CVSS · 5.9 AI score · 0.0038 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

CVE
added 2024/11/19 4:32 p.m. · 67 views

CVE-2024-50515

CVE-2024-50515 affects the WordPress Ninja Forms plugin (versions ≤ 3.8.16). The issue is an improper neutralization of input during page generation, leading to a Stored XSS vulnerability in Ninja Forms. According to Patchstack, the vulnerability requires Administrator privileges and is classifie...

5.9 CVSS · 5.9 AI score · 0.0038 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

Positive Technologies
added 2024/11/13 12:0 a.m. · 15 views

PT-2024-33129 · Abb · Abb Drive Composer

Name of the Vulnerable Software and Affected Versions: DotNetZip versions 1.16.0 and earlier; ABB Drive Composer versions prior to 2.9.1. Description: The issue allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component. This affects products that are no...

9.8 CVSS · 7.2 AI score · 0.02061 EPSS
Exploits: 0 · References: 27

CNNVD
added 2024/11/13 12:0 a.m. · 3 views

Intel MAS Code Issue Vulnerability

Intel MAS is a drive management software with a Windows graphical user interface from Intel Corporation. A code issue vulnerability exists in Intel MAS versions prior to 2.5, which arises from an uncontrolled search path element. An attacker could exploit the vulnerability to elevate privileges...

6.7 CVSS · 6.8 AI score · 0.00175 EPSS
Exploits: 0 · References: 2

Trellix
added 2024/11/07 12:0 a.m. · 10 views

New Stealer Uses Invalid Cert To Compromise Systems

By Mohinder Gill, Mallikarjun Wali and Sangram Mohapatro · November 07, 2024. A new Stealer has been making the rounds. Its name: Fickle. Fickle Stealer is a new Rust-based information stealer that spreads through various attack vectors, includin...

7.2 AI score
Exploits: 0

Positive Technologies
added 2024/11/05 12:0 a.m. · 6 views

PT-2025-11662

Name of the Vulnerable Software and Affected Versions: Synology Drive Server versions prior to 3.0.4-12699; Synology Drive Server versions prior to 3.2.1-23280; Synology Drive Server versions prior to 3.5.0-26085; Synology Drive Server versions prior to 3.5.1-26102. Description: The issue is related to...

7.8 CVSS · 7 AI score · 0.22718 EPSS
Exploits: 0 · References: 15

OSV
added 2024/10/21 1:9 a.m. · 3 views

MAL-2024-9444 Malicious code in google-drive-integration (npm)

Source: ghsa-malware b852e689dbc27ffdc82219196cc1caf6535bfe509fb8fdf6fab98a642c019c6d. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0 · References: 3

OSSF Malicious Packages
added 2024/10/21 1:9 a.m. · 6 views

Malicious code in google-drive-integration (npm)

Source: ghsa-malware b852e689dbc27ffdc82219196cc1caf6535bfe509fb8fdf6fab98a642c019c6d. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 · References: 3

OSV
added 2024/10/20 10:15 a.m. · 2 views

CVE-2024-49335

Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS. This issue affects GoogleDrive folder list: from n/a through 2.2.2...

6.1 CVSS · 5.8 AI score · 0.00156 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2024/10/20 12:0 a.m. · 2 views

PT-2024-33476 · Unknown · Edush Maxim Googledrive Folder List

Name of the Vulnerable Software and Affected Versions: Edush Maxim GoogleDrive folder list versions n/a through 2.2.2. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list, which allows Stored XSS. This can lead to Stored Cross Site...

7.1 CVSS · 6.8 AI score · 0.00156 EPSS
Exploits: 0 · References: 8

Patchstack
added 2024/10/18 10:13 a.m. · 2 views

WordPress GoogleDrive folder list plugin <= 2.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO (Patchstack Alliance) in WordPress Plugin GoogleDrive folder list (versions <= 2.2.2)...

7.1 CVSS · 5.9 AI score · 0.00156 EPSS
Exploits: 0 · Affected Software: 1

OSV
added 2024/10/14 5:15 p.m. · 9 views

CVE-2024-45731

In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for...

8 CVSS · 5.8 AI score · 0.00535 EPSS
Exploits: 0 · References: 2

Vulnrichment
added 2024/10/14 4:46 p.m. · 9 views

CVE-2024-45731 Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk

In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for...

8 CVSS · 7.2 AI score · 0.00535 EPSS
Exploits: 0 · References: 2

CVE
added 2024/10/14 4:46 p.m. · 91 views

CVE-2024-45731

Summary: CVE-2024-45731 affects Splunk Enterprise for Windows prior to 9.3.1, 9.2.3, and 9.1.6. A low-privileged user (not admin/power roles) could write a file to the Windows system root (default System32 location) when Splunk is installed on a separate drive. Root cause / impact: arbitrary file...

8 CVSS · 7.8 AI score · 0.00535 EPSS
Exploits: 0 · References: 2 · Affected Software: 1