
NVD
added 2024/04/09 4:15 p.m.

CVE-2024-31866

Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can execute shell scripts or malicious code by overriding configuration like ZEPPELIN_INTP_CLASSPATH_OVERRIDES. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to...

CVSS 9.8 · AI score 6.8 · EPSS 0.0115
Exploits 0 · References 3
CVE
added 2024/04/09 4:09 p.m.

CVE-2024-31866

CVE-2024-31866 is an Apache Zeppelin vulnerability: improper encoding/escaping of output allowing an attacker to override configuration (notably ZEPPELIN_INTP_CLASSPATH_OVERRIDES) to execute shell commands or malicious code. Affects Zeppelin releases from 0.8.2 up to but not including 0.11.1; upg...

CVSS 9.8 · AI score 9.7 · EPSS 0.0115
Exploits 0 · References 3 · Affected Software 1
Vulnrichment
added 2024/04/09 4:09 p.m.

CVE-2024-31866 Apache Zeppelin: Interpreter download command does not escape malicious code injection

Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can execute shell scripts or malicious code by overriding configuration like ZEPPELIN_INTP_CLASSPATH_OVERRIDES. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to...

AI score 9.7 · EPSS 0.0115
Exploits 0 · References 3
Cvelist
added 2024/04/09 4:09 p.m.

CVE-2024-31866 Apache Zeppelin: Interpreter download command does not escape malicious code injection

Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can execute shell scripts or malicious code by overriding configuration like ZEPPELIN_INTP_CLASSPATH_OVERRIDES. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to...

AI score 7.2 · EPSS 0.0115
Exploits 0 · References 3
The Hacker News
added 2024/02/01 1:36 p.m.

Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign

Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. "The campaign deploys a benign container generated using the Commando project," Cado security researchers Nate Bill and Matt Muir said in a new report published today...

AI score 7.5
Exploits 0
RedhatCVE
added 2023/08/29 9:25 p.m.

CVE-2023-39810

A flaw was found in the BusyBox tool. This issue occurs in the cpio command of BusyBox and may allow attackers to execute a directory traversal. If untrusted archives are extracted, this can result in files written outside of the destination directory or files being overwritten that contain...

CVSS 7.3 · AI score 6.7 · EPSS 0.00092
Exploits 0 · References 4
The Hacker News
added 2023/07/01 5:58 a.m.

Beware: New 'RustBucket' Malware Variant Targeting macOS Users

Researchers have pulled back the curtain on an updated version of an Apple macOS malware called RustBucket that comes with improved capabilities to establish persistence and avoid detection by security software. "This variant of RustBucket, a malware family that targets macOS systems, adds...

AI score 6.2
Exploits 0
F5 Networks
added 2023/02/21 6:33 p.m.

K26899353: libcurl vulnerability CVE-2016-8621

Security Advisory Description: The curl_getdate function in curl before version 7.51.0 is vulnerable to an out-of-bounds read if it receives an input that is one digit short. CVE-2016-8621 Impact: Custom monitors or shell scripts using curl to download content with a malformed time stamp may be...

CVSS 7.5 · AI score 7.5 · EPSS 0.03165
Exploits 0 · Affected Software 21
SUSE CVE
added 2023/02/15 3:36 a.m.

SUSE CVE-2021-46088

Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS are vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell scripts on the application server in the context of the application user...

CVSS 7.2 · AI score 7.4 · EPSS 0.02966
Exploits 1 · References 3
NVD
added 2022/08/04 3:15 p.m.

CVE-2022-25168

Apache Hadoop's FileUtil.unTar(File, File) API does not escape the input file name before it is passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in...

CVSS 9.8 · EPSS 0.03008
Exploits 0 · References 2
Kitploit
added 2022/04/07 12:30 p.m.

Gitbleed_Tools - For Extracting Data From Mirrorred Git Repositories

This repo contains shell scripts that can be used to download and analyze differences between cloned and mirrored Git repositories. For more information about the underlying quirk in Git behavior, please read our blog post. What Do These Scripts Do? These scripts will clone a copy of the give...

AI score 6.9
Exploits 0 · References 5
ThreatPost
added 2022/01/28 2:00 p.m.

Shlayer and Bundlore MacOS Malware Strains – How Uptycs EDR Detection Can Help

Adware strains Shlayer and Bundlore are the most common malware in macOS – although they have slight variations, they have long invaded and bypassed Xprotect, Notarization, Gatekeeper, and File Quarantine, all security features pre-built into macOS. The Uptycs threat research team has tracked the...

AI score 8.1
Exploits 0 · References 16
ThreatPost
added 2022/01/18 7:33 p.m.

Cybercriminals Actively Target VMware vSphere with Cryptominers

Organizations running sophisticated virtual networks with VMware’s vSphere service are actively being targeted by cryptojackers, who have figured out how to inject the XMRig commercial cryptominer into the environment, undetected. Uptycs’ Siddharth Sharma has released research showing threat acto...

AI score 7.9
Exploits 0 · References 10
Kitploit
added 2021/11/30 11:30 a.m.

Kit_Hunter - A Basic Phishing Kit Scanner For Dedicated And Semi-Dedicated Hosting

Kit Hunter: A basic phishing kit detection tool. Version 2.6.0, 28 September 2021. Testing and development took place on Python 3.7.3, Linux. What is Kit Hunter? Kit Hunter is a personal project to learn Python, and a basic scanning tool that will search directories and locate phishing kits based on...

AI score 7.3
Exploits 0 · References 2
Kitploit
added 2021/11/23 8:30 p.m.

Whispers - Identify Hardcoded Secrets In Static Structured Text

"My little birds are everywhere, even in the North, they whisper to me the strangest stories." - Lord Varys Whispers is a static code analysis tool designed for parsing various common data formats in search of hardcoded credentials and dangerous functions. Whispers can run in the CLI or you can...

AI score 7.4
Exploits 0 · References 3
The Hacker News
added 2021/11/12 7:18 a.m.

Abcbot — A New Evolving Wormable Botnet Malware Targeting Linux

Researchers from Qihoo 360's Netlab security team have released details of a new evolving botnet called "Abcbot" that has been observed in the wild with worm-like propagation features to infect Linux systems and launch distributed denial-of-service (DDoS) attacks against targets. While the earliest...

AI score 7
Exploits 0
OSV
added 2021/11/08 4:15 a.m.

CVE-2021-31599

An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. A report's .prpt file allows the inclusion of BeanShell scripts to ease the production of complex reports. An authenticated user can run arbitrary code...

CVSS 8.8 · AI score 5.9 · EPSS 0.00886
Exploits 3 · References 2
OSV
added 2021/09/27 2:15 p.m.

CVE-2021-34409

It was discovered that the installation packages of the Zoom Client for Meetings for MacOS Standard and for IT Admin installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy pre- and post-...

CVSS 7.8 · AI score 5.9
Exploits 0 · References 1
Cvelist
added 2021/09/27 1:55 p.m.

CVE-2021-34409 Zoom Client Installer Local Privilege Escalation

It was discovered that the installation packages of the Zoom Client for Meetings for MacOS Standard and for IT Admin installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy pre- and post-...

CVSS 7.8 · AI score 7.8 · EPSS 0.00038
Exploits 0 · References 1
Positive Technologies
added 2021/08/31 12:00 a.m.

PT-2022-1636 · Zabbix +1 · Zabbix +1

Name of the Vulnerable Software and Affected Versions: Zabbix versions 4.0 LTS through 5.0 LTS. Description: The issue allows for Remote Code Execution (RCE) due to authorization errors. Any user with the Zabbix Admin role can run custom shell scripts on the application server in the context of the...

CVSS 9.1 · AI score 7.6 · EPSS 0.02966
Exploits 1 · References 41