
1362 matches found

CVE
added 2024/01/16 4:10 p.m. · 96 views

CVE-2023-45236

CVE-2023-45236 affects EDK II’s Network Package, which is vulnerable to a predictable TCP Initial Sequence Number. Public descriptions in connected documents identify the affected component as EDK II’s Network Package and note that exploitation could lead to unauthorized access and potential loss...

7.5 CVSS · 6.6 AI score · 0.0041 EPSS
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2024/01/16 12:00 a.m. · 1 view

PT-2024-1256

Name of the Vulnerable Software and Affected Versions EDK2 affected versions not specified Description The EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number, which can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of...

9.1 CVSS · 8 AI score · 0.91789 EPSS
Exploits 4 · References 280
CNNVD
added 2024/01/16 12:00 a.m. · 2 views

EDK2 Security Feature Issue Vulnerability

EDK2 is a cross-platform firmware development environment from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from the Network Package being susceptible to predictable TCP initial sequence numbers...

7.5 CVSS · 8.9 AI score · 0.0041 EPSS
Exploits 0 · References 5
OSV
added 2024/01/12 11:15 p.m. · 1 view

AZL-44403 CVE-2024-23301 affecting package rear 2.4-7

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

5.5 CVSS · 5.8 AI score · 0.00092 EPSS
Exploits 1 · References 1
OSV
added 2024/01/12 11:15 p.m. · 1 view

DEBIAN-CVE-2024-23301

Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...

5.5 CVSS · 5.5 AI score · 0.00092 EPSS
Exploits 1 · References 1
OSV
added 2024/01/10 5:15 p.m. · 1 view

CVE-2023-29444

An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their...

7.3 CVSS · 5.8 AI score
Exploits 0 · References 2
Prion
added 2024/01/10 5:15 p.m. · 18 views

Path traversal

An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their...

4.1 CVSS · 7.8 AI score · 0.0003 EPSS
Exploits 0 · References 2 · Affected Software 3
Cvelist
added 2024/01/10 5:06 p.m. · 11 views

CVE-2023-29444 Uncontrolled Search Path Element in PTC's Kepware KEPServerEX

An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their...

6.3 CVSS · 7.8 AI score · 0.0003 EPSS
Exploits 0 · References 2
OSV
added 2024/01/09 2:15 a.m. · 1 view

CVE-2023-49238

In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation in certain installation scenarios because of a non-unique initial system user password. Although this password must be changed upon the first login, it is possible that an attacker logs in befor...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 3
Cvelist
added 2024/01/09 12:00 a.m. · 17 views

CVE-2023-49238

In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation in certain installation scenarios because of a non-unique initial system user password. Although this password must be changed upon the first login, it is possible that an attacker logs in befor...

9.7 AI score · 0.00822 EPSS
Exploits 0 · References 3
CNNVD
added 2024/01/09 12:00 a.m. · 2 views

Gradle Security Vulnerabilities

Gradle is a set of JVM-based project building tools from Gradle, Inc. that supports maven, Ivy repositories, and more. A security vulnerability exists in Gradle Enterprise versions prior to 2023.1, which stems from an initial system user password that is not unique and could allow a remote attack...

9.8 CVSS · 7 AI score · 0.00822 EPSS
Exploits 0 · References 3
Malwarebytes
added 2024/01/03 7:07 p.m. · 9 views

Microsoft disables ms-appinstaller after malicious use

In what might be conceived as one of Microsoft’s new year resolutions, it has disclosed that it's turned off the ms-appinstaller protocol handler by default. The change is designed to make installing apps easier, but it also makes installing malware easier. Typically, an app needs to be on a devic...

7.1 AI score
Exploits 0
Penetration Testing Lab
added 2024/01/02 7:08 a.m. · 24 views

Initial Access – search-ms URI Handler

Microsoft search protocol enables clients to initiate connections against an enterprise search service such as SharePoint or WebDav. During these search connections the protocol server… Continue reading - Initial Access - search-ms URI Handler...

7.2 AI score
Exploits 0
Malwarebytes
added 2023/12/19 11:22 p.m. · 23 views

New MetaStealer malvertising campaigns

MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have become a very hot commodity in the criminal space, so much so that there is competition between various groups. Threat actors have primarily used malspam as an infection vector...

7.3 AI score
Exploits 0
Positive Technologies
added 2023/12/14 12:00 a.m. · 3 views

PT-2023-29314 · Silicon · Z/Ip Gateway

Name of the Vulnerable Software and Affected Versions: Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK versions prior to 7.18.3 Description: The first S0 encryption key is generated with an uninitialized PRNG, making the first S0 key generated at startup predictable. This potentially...

9.8 CVSS · 7.1 AI score · 0.00692 EPSS
Exploits 0 · References 6
Malwarebytes
added 2023/12/13 4:29 p.m. · 20 views

Malvertisers zoom in on cryptocurrencies and initial access

During the past month, we have observed an increase in the number of malicious ads on Google searches for "Zoom", the popular piece of video conferencing software. Threat actors have been alternating between different keywords for software downloads such as "Advanced IP Scanner" or "WinSCP"...

7.8 AI score
Exploits 0
OSV
added 2023/12/07 5:15 a.m. · 1 view

AZL-32071 CVE-2023-41913 affecting package strongswan for versions less than 5.9.10-3

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message...

9.8 CVSS · 8.3 AI score · 0.05456 EPSS
Exploits 0 · References 1
Positive Technologies
added 2023/12/06 12:00 a.m. · 3 views

PT-2023-32637 · Unknown · Quarkus Cache Runtime

Name of the Vulnerable Software and Affected Versions: Quarkus Cache Runtime affected versions not specified Description: A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the...

5.3 CVSS · 6.3 AI score · 0.00202 EPSS
Exploits 0 · References 12
CISA
added 2023/12/05 12:00 p.m. · 13 views

CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion

Today, CISA released a Cybersecurity Advisory (CSA), Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs). The vulnerability in ColdFusion (CVE-2023-26360) presen...

9.8 CVSS · 7.2 AI score · 0.9433 EPSS
In wild · Exploits 13 · References 4
HackRead
added 2023/11/17 11:53 a.m. · 34 views

Ddostf Botnet Resurfaces in DDoS Attacks Against MySQL and Docker Hosts

By Deeba Ahmed The Ddostf Botnet was initially identified in 2016. This is a post from HackRead.com Read the original post: Ddostf Botnet Resurfaces in DDoS Attacks Against MySQL and Docker Hosts...

7.4 AI score
Exploits 0