Lucene search

K

SKYLARK HOLDINGS CO., LTD. Security Vulnerabilities

thn
thn

New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs

Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that's designed to set up persistence on the infected hosts and act as a spyware. Dubbed Cuckoo by Kandji, the malware is a universal Mach-O binary that's capable of running on both Intel- and...

7.2AI Score

2024-05-06 07:48 AM
1
apple
apple

About the security content of iOS 17.5 and iPadOS 17.5

About the security content of iOS 17.5 and iPadOS 17.5 This document describes the security content of iOS 17.5 and iPadOS 17.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches...

5.5CVSS

9.1AI Score

0.001EPSS

2024-05-13 12:00 AM
10
securelist
securelist

Assessing the Y, and How, of the XZ Utils incident

High-end APT groups perform highly interesting social engineering campaigns in order to penetrate well-protected targets. For example, carefully constructed forum responses on precision targeted accounts and follow-up "out-of-band" interactions regarding underground rail system simulator software.....

7.6AI Score

2024-04-24 10:10 AM
15
cve
cve

CVE-2024-21805

Improper access control vulnerability exists in the specific folder of SKYSEA Client View versions from Ver.16.100 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary file may be placed in the specific folder by a user who can log in to the PC where the product's Windows client is.....

7.1AI Score

0.0004EPSS

2024-03-12 08:15 AM
35
thn
thn

U.S. Dismantles World's Largest 911 S5 Botnet with 19 Million Infected Devices

The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses. The botnet, which has a global...

7.5AI Score

2024-05-30 08:55 AM
1
nvd
nvd

CVE-2024-22475

Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for the details of affected product names,...

6.5AI Score

0.0004EPSS

2024-03-18 08:15 AM
openvas
openvas

RedHat Update for kernel RHSA-2016:0185-01

The remote host is missing an update for...

6.2AI Score

0.002EPSS

2016-02-17 12:00 AM
14
cve
cve

CVE-2024-22475

Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for the details of affected product names,...

6.7AI Score

0.0004EPSS

2024-03-18 08:15 AM
38
ubuntucve
ubuntucve

CVE-2021-47169

In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if the firmware don't...

6.5AI Score

0.0004EPSS

2024-03-25 12:00 AM
6
redhatcve
redhatcve

CVE-2019-18808

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability. Mitigation In order to mitigate this issue it is possible...

5.5CVSS

1.1AI Score

0.0004EPSS

2019-12-28 10:00 AM
5
nvd
nvd

CVE-2024-21824

Improper authentication vulnerability in exists in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. If this vulnerability is exploited, a network-adjacent user who can access the product may impersonate an administrative user. As for the...

6.5AI Score

0.0004EPSS

2024-03-18 08:15 AM
debiancve
debiancve

CVE-2021-47169

In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if the firmware don't...

7AI Score

0.0004EPSS

2024-03-25 10:15 AM
5
cvelist
cvelist

CVE-2024-22475

Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for the details of affected product names,...

6.8AI Score

0.0004EPSS

2024-03-18 08:03 AM
cve
cve

CVE-2024-21824

Improper authentication vulnerability in exists in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. If this vulnerability is exploited, a network-adjacent user who can access the product may impersonate an administrative user. As for the...

6.6AI Score

0.0004EPSS

2024-03-18 08:15 AM
32
thn
thn

U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams

The U.S. Department of Justice (DoJ) has sentenced a 31-year-old man to 10 years in prison for laundering more than $4.5 million through business email compromise (BEC) schemes and romance scams. Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in...

7.2AI Score

2024-05-29 11:50 AM
1
thn
thn

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. "The evasion technique supports disabling a whopping list of over 1,000 drivers on which security...

7.8CVSS

8.5AI Score

0.002EPSS

2022-10-07 06:52 AM
271
cvelist
cvelist

CVE-2024-21824

Improper authentication vulnerability in exists in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. If this vulnerability is exploited, a network-adjacent user who can access the product may impersonate an administrative user. As for the...

6.7AI Score

0.0004EPSS

2024-03-18 08:01 AM
thn
thn

FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity

Law enforcement agencies have officially seized control of the notorious BreachForums platform, an online bazaar known for peddling stolen data, for the second time within a year. The website ("breachforums[.]st") has been replaced by a seizure banner stating the clearnet cybercrime forum is under....

6.9AI Score

2024-05-15 05:52 PM
2
zdt

4.3CVSS

7.4AI Score

0.001EPSS

2024-03-04 12:00 AM
101
zdi
zdi

(Pwn2Own) [Collision] VMWare Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMWare Workstation. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

9.3CVSS

7.5AI Score

0.001EPSS

2024-05-31 12:00 AM
3
thn
thn

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies. The individuals, Daren Li, 41, and Yicheng Zhang, 38, were arrested in Atlanta and Los Angeles....

7.4AI Score

2024-05-19 09:46 AM
1
zdi
zdi

(Pwn2Own) VMware Workstation UrbBuf_getDataBuf Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within.....

7.1CVSS

6.7AI Score

0.001EPSS

2024-05-31 12:00 AM
2
exploitdb

4.3CVSS

4.8AI Score

0.001EPSS

2024-03-03 12:00 AM
76
cve
cve

CVE-2024-27440

The Toyoko Inn official App for iOS versions prior to 1.13.0 and Toyoko Inn official App for Android versions prior 1.3.14 don't properly verify server certificates, which allows a man-in-the-middle attacker to spoof servers and obtain sensitive information via a crafted...

5.7AI Score

0.0004EPSS

2024-03-13 06:15 AM
14
thn
thn

Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds

A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet...

6.9AI Score

2024-05-01 02:25 PM
1
prion
prion

Heap overflow

texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF...

8AI Score

0.0004EPSS

2024-02-29 01:44 AM
24
thn
thn

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

Muhstik botnet exploits a critical Apache RocketMQ flaw (CVE-2023-33246) for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining. Infection involves executing a shell script from a remote IP, downloading the Muhstik malware binary ("pty3"), and....

9.8CVSS

8.3AI Score

0.972EPSS

2024-06-06 01:14 PM
1
oraclelinux
oraclelinux

systemd security update

[252-32.0.2] - Due to a new [Orabug: 36564551] filed on April 29 2024, reverting from back to - previous Tony Lam patch [Orabug: 25897792] until issue with [Orabug: 36564551] is resolved. - Re-Added 1001-Fix-missing-netdev-for-iscsi-entry-in-fstab.patch [Orabug: 25897792] - Removed the following,.....

5.9CVSS

7.7AI Score

0.001EPSS

2024-05-03 12:00 AM
2
cnvd
cnvd

Information leakage vulnerability in the electronic document security management system of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-10034)

Electronic document security management system is a controllable authorization of electronic document security sharing management system, using real-time dynamic encryption and decryption protection technology and real-time rights recovery mechanism, to provide all kinds of electronic documents...

6.8AI Score

2024-01-22 12:00 AM
6
nvd
nvd

CVE-2024-25972

Initialization of a resource with an insecure default vulnerability in OET-213H-BTS1 sold in Japan by Atsumi Electric Co., Ltd. allows a network-adjacent unauthenticated attacker to configure and control the affected...

6.6AI Score

0.0004EPSS

2024-03-01 10:15 AM
prion
prion

Cross site scripting

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shopfiles Ltd Ebook Store allows Stored XSS.This issue affects Ebook Store: from n/a through...

5.9CVSS

5.7AI Score

0.0004EPSS

2024-02-29 06:15 AM
13
jvn
jvn

JVN#40367518: SonicDICOM Media Viewer may insecurely load Dynamic Link Libraries

SonicDICOM Media Viewer provided by Fujidenolo Solutions Co., Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). ## Impact Arbitrary code may be executed with the privileges of the running application. ## Solution Update the...

7.2AI Score

0.0004EPSS

2024-03-27 12:00 AM
8
nessus
nessus

FreeBSD : taglib -- heap-based buffer over-read via a crafted audio file (d3f3e818-8d10-11ea-8668-e0d55e2a8bf9)

Webin security lab - dbapp security Ltd reports : The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio...

6.5CVSS

6.5AI Score

0.003EPSS

2020-05-04 12:00 AM
10
openvas
openvas

RedHat Update for gtk-vnc RHSA-2017:2258-01

The remote host is missing an update for...

9.8CVSS

8.8AI Score

0.005EPSS

2017-08-04 12:00 AM
11
openvas
openvas

RedHat Update for nettle RHSA-2016:2582-02

The remote host is missing an update for...

7.5CVSS

8.8AI Score

0.009EPSS

2016-11-04 12:00 AM
9
cnvd
cnvd

SQL Injection Vulnerability in Ruiyou Tianyi Application Virtualization System

Xi'an Ruiyou Information Technology Co., Ltd. is a professional virtualization and cloud computing solution provider. A SQL injection vulnerability exists in Ruiyou Skywing Application Virtualization System, which can be exploited by attackers to obtain database information and execute...

7.9AI Score

2024-01-17 12:00 AM
11
zdi
zdi

(Pwn2Own) QNAP TS-464 File Upload Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of file uploads. The issue results from the lack of proper...

8.7CVSS

6.7AI Score

0.001EPSS

2024-05-19 12:00 AM
5
cve
cve

CVE-2006-2980

SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id...

8.8AI Score

0.003EPSS

2006-06-12 10:02 PM
28
hackread
hackread

FakeUpdates Malware Campaign Targets WordPress – Millions of Sites at Risk

By Waqas The February 2024 Global Threat Index report released by Check Point Software Technologies Ltd. exposes the alarming vulnerability of cybersecurity worldwide. This is a post from HackRead.com Read the original post: FakeUpdates Malware Campaign Targets WordPress - Millions of Sites at...

7.3AI Score

2024-03-12 05:49 PM
8
openvas
openvas

RedHat Update for qt RHSA-2013:0669-01

The remote host is missing an update for...

6.4AI Score

0.0004EPSS

2013-03-22 12:00 AM
5
thn
thn

Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique

The threat actors behind the CatDDoS malware botnet have exploited over 80 known security flaws in various software over the past three months to infiltrate vulnerable devices and co-opt them into a botnet for conducting distributed denial-of-service (DDoS) attacks. "CatDDoS-related gangs' samples....

7.1AI Score

0.0004EPSS

2024-05-28 10:15 AM
1
cnvd
cnvd

Arbitrary File Download Vulnerability in DSS of Zhejiang Dahua Technology Co.(CNVD-2024-10023)

Zhejiang Dahua Technology Co., Ltd. is a supplier of surveillance products and solution service provider. Zhejiang Dahua Technology Co., Ltd DSS has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive...

7AI Score

2024-01-22 12:00 AM
11
krebs
krebs

The Not-so-True People-Search Network from China

It's not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts of interest. But it's not every day you run across a....

6.4AI Score

2024-03-21 03:18 AM
14
thn
thn

Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering

A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He was subsequently extradited to the U.S. in August 2022. Vinnik.....

7AI Score

2024-05-07 09:32 AM
1
trellix
trellix

The Anatomy of HTML Attachment Phishing

The Anatomy of HTML Attachment Phishing: One Code, Many Variants By Mathanraj Thangaraju, Niranjan Hegde, and Sijo Jacob · June 14, 2023 Introduction Phishing is the malevolent practise of pretending to be a reliable entity in electronic communication to steal sensitive data, such as login...

7.4AI Score

2024-04-29 12:00 AM
9
nessus
nessus

Debian dsa-5680 : affs-modules-6.1.0-21-4kc-malta-di - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5680 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a...

7.8CVSS

6.5AI Score

0.0004EPSS

2024-05-06 12:00 AM
12
nvd
nvd

CVE-2023-6241

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

6.2AI Score

0.0004EPSS

2024-03-04 01:15 PM
alpinelinux
alpinelinux

CVE-2023-51767

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...

7CVSS

7AI Score

0.001EPSS

2023-12-24 07:15 AM
35
cve
cve

CVE-2023-6241

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

6.4AI Score

0.0004EPSS

2024-03-04 01:15 PM
35
cvelist
cvelist

CVE-2023-6241 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing.....

6.5AI Score

0.0004EPSS

2024-03-04 12:15 PM
Total number of security vulnerabilities15425