An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...
8AI Score
0.0004EPSS
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and...
7.7AI Score
Sensitive Information Disclosure
mautic/core is vulnerable to Sensitive Information Disclosure. The vulnerability is due to inadequate user permission settings. An attacker can access areas of the application that they should be prevented from accessing by exploiting these settings. This could potentially lead to the access of...
6.5AI Score
EPSS
Exploit for Incorrect Authorization in Ivanti Mobileiron Sentry
MobileIron Sentry CVE-2023-38035 information extraction...
9.2AI Score
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after...
6.6AI Score
0.0004EPSS
The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update (DFU) which is used for performing Over-The-Air (OTA) firmware updates on the Bluetooth Low Energy (BLE) devices. An unauthenticated attacker could exploit...
8.1CVSS
8AI Score
0.0005EPSS
An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack. This can cause...
5.9CVSS
0.028EPSS
Advance Auto Parts customer data posted for sale
A cybercriminal using the handle Sp1d3r is offering to sell 3 TB of data taken from Advance Auto Parts, Inc. Advance Auto Parts is a US automotive aftermarket parts provider that serves both professional installers and do it yourself customers. Allegedly the customer data includes: Names Email...
7.4AI Score
An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack. This can cause...
5.9CVSS
5.7AI Score
0.028EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after deregistration......
6.6AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4j2-scan is a single binary...
10CVSS
9.6AI Score
0.976EPSS
Scammers tricked a company into believing they were dealing with a BBC presenter. They faked her voice, and accepted money intended for...
7.4AI Score
Beijing Shenzhou Green Alliance Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application services. A command execution vulnerability exists in the DAS Green Alliance database auditing system of Beijing Shenzhou Green Alliance Technology Co. Ltd,...
7.5AI Score
Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability
A Remote Code Execution vulnerability in Gambio online webshop version 4.9.2.0 and lower allows remote attackers to run arbitrary commands via unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an...
9.8CVSS
9AI Score
0.374EPSS
I was looking through the settings of one of my sandboxed programs I use for testing and I noticed some weird behavior, when we go to any program's advanced vetting page hackerone.com/$handle/advanced_vetting, it loads up regardless of permission, granted no other confidential info is displayed...
7AI Score
JVN#00442488: Multiple vulnerabilities in Ricoh Streamline NX PC Client
Ricoh Streamline NX PC Client provided by RICOH COMPANY, LTD. contains multiple vulnerabilities listed below. Improper restriction of communication channel to intended endpoints (CWE-923) CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Base Score 6.3 CVE-2024-36252 ricoh-2024-000004 Use of...
7.5AI Score
0.0004EPSS
CVE-2024-1709 Authentication bypass using an alternate path or channel
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical...
10CVSS
9.5AI Score
0.946EPSS
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical...
Mautic Sensitive Data Exposure due to inadequate user permission settings
Impact Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing. Users could potentially access sensitive data such as names and surnames, company names and stage names. Patches Update to 4.4.12 and 5.0.4...
6.9AI Score
EPSS
Mautic Sensitive Data Exposure due to inadequate user permission settings
Impact Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing. Users could potentially access sensitive data such as names and surnames, company names and stage names. Patches Update to 4.4.12 and 5.0.4...
6.7AI Score
EPSS
CVE-2024-1709 Authentication bypass using an alternate path or channel
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical...
10CVSS
6.9AI Score
0.946EPSS
In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...
6.4AI Score
0.0004EPSS
File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...
7.2AI Score
0.0004EPSS
File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...
7.5AI Score
0.0004EPSS
Personal AI Assistants and Privacy
Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called "Recall" for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall...
7AI Score
File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...
7.4AI Score
0.0004EPSS
Deriv.com: Mailgun subdomain takeover
Summary: I have found an unclaimed subdomain of deriv.cloud. Which is successfully claimable. Platform(s) Affected: email.mailgun.deriv.cloud Steps To Reproduce: You just need a mailgun account and the you can successfully claim this domain. Supporting Material/References:...
6.6AI Score
Operating System (OS) Detection (NTP)
Network Time Protocol (NTP) server based Operating System (OS) ...
7.3AI Score
ShotSpotter Keeps Listening for Gunfire After Contracts Expire
Internal emails suggest that the company continued to provide gunshot data to police in cities where its contracts had been...
7.2AI Score
TEMU sued for being “dangerous malware” by Arkansas Attorney General
Chinese online shopping giant Temu is facing a lawsuit filed by State of Arkansas Attorney General Tim Griffin, alleging that the retailer's mobile app spies on users. “Temu purports to be an online shopping platform, but it is dangerous malware, surreptitiously granting itself access to...
7.5AI Score
Sicheng Liu of Beijing DBSEC Technology Co., Ltd reports : Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV...
5.3CVSS
4.7AI Score
0.0004EPSS
Attackers are impersonating a road toll payment processor across the U.S. in phishing attacks
My wife (no stranger to weird types of scams) recently received a fake text message from someone claiming to be New Jersey's E-ZPass program saying that she had an outstanding balance from highway tolls that she owed, prompting her to visit a site so she could pay and avoid additional fines. There....
9.8CVSS
7.4AI Score
0.001EPSS
Active Exploits target Check Point Security Gateway Zero-Day Information Disclosure flaw Check Point Cybersecurity has issued hotfixes to address a zero-day vulnerability in its VPNs that has been exploited to gain remote access to firewalls and potentially infiltrate corporate networks. On...
8.6CVSS
6.3AI Score
0.945EPSS
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw
Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken's Chief Security Officer, Nick Percoco, on X (formerly....
7.1AI Score
Web Application Scanning Consolidation / Info Reporting
The script consolidates and reports various information for web application (formerly...
7.1AI Score
Kaiser health insurance leaked patient data to advertisers
Health insurance giant Kaiser has announced it will notify millions of patients about a data breach after sharing patients’ data with advertisers. Kaiser said that an investigation led to the discovery that “certain online technologies, previously installed on its websites and mobile applications,....
7AI Score
CitySights NY Data Breach Exposes 110,000 Customers' Personal Information
CitySights NY, a company that organizes New York City tours on double-decker buses, has experienced a significant data breach. The personal information of 110,000 customers, including names, addresses, email addresses, credit card numbers, expiration dates, and Card Verification Value (CVV2)...
8AI Score
Foxit PDF Reader Code Execution Vulnerability (CNVD-2024-20601)
Foxit PDF Reader is China Foxit (Foxit) company a PDF reader. Foxit PDF Reader has a code execution vulnerability that stems from a post-release reuse problem when dealing with Doc objects, which can be exploited by an attacker to execute arbitrary code in the context of the current...
7.8CVSS
7.7AI Score
0.0005EPSS
Foxit PDF Reader Code Execution Vulnerability
Foxit PDF Reader is China Foxit (Foxit) company a PDF reader. Foxit PDF Reader has a code execution vulnerability that stems from a post-release reuse issue in the AcroForm module, which can be exploited by an attacker to execute arbitrary code in the context of the current...
7.8CVSS
7.8AI Score
0.0005EPSS
Nextcloud: Weak ssh algorithms and CVE-2023-48795 Discovered on various subdomains of nextcloud.com
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS...
5.9CVSS
7.4AI Score
0.963EPSS
Change Healthcare Finally Admits It Paid Ransomware Hackers—and Still Faces a Patient Data Leak
The company belatedly conceded both that it had paid the cybercriminals extorting it and that patient data nonetheless ended up on the dark...
7.3AI Score
Do not print on AppSocket and socketAPI printers
The host seems to be an AppSocket or socketAPI printer. Scanning it will waste paper. So ports 2000, 2501, 9100-9107, 9112-9116, 9200 and 10001...
7.3AI Score
UK PSTI? You’ll need a Vulnerability Disclosure Program!
If you are distributing or selling smart devices in to the UK market, your products will need to be compliant with the UK Product Security and Telecommunications Act. One of the three mandatory areas is that you have a vulnerability disclosure program (VDP) In the supporting materials for the Act,....
7.4AI Score
DocGo patient health data stolen in cyberattack
Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain...
7.7AI Score
Exploit for Path Traversal in Aiohttp
poc-cve-2024-23334 This repository contains a proof of...
7.5CVSS
7.6AI Score
0.052EPSS
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability (CNVD-2024-19325)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge (Chromium-based) suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive...
6.5CVSS
6.3AI Score
0.0004EPSS
Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild. Tracked as CVE-2024-4610, the use-after-free issue impacts the following products - Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0) Valhall GPU Kernel...
8.8CVSS
7.6AI Score
0.712EPSS
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability (CNVD-2024-19324)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge for Android (Chromium-based) suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive...
5.4CVSS
6.3AI Score
0.0005EPSS
Cybersecurity in the SMB space — a growing threat
Small and medium-sized businesses (SMBs) are increasingly targeted by cybercriminals. Despite adopting digital technology for remote work, production, and sales, SMBs often lack robust cybersecurity measures. SMBs face significant cybersecurity challenges due to limited resources and expertise....
7.3AI Score
Google will start deleting location history
Google announced that it will reduce the amount of personal data it is storing by automatically deleting old data from "Timeline"—the feature that, previously named "Location History," tracks user routes and trips based on a phone’s location, allowing people to revisit all the places they've been.....
6.7AI Score