| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-9537 | 9.8 | 0.10% | 16 | 0 | 2024-10-22T17:33:23.837000 | ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability invo | |
| CVE-2024-9674 | 5.4 | 0.05% | 4 | 0 | 2024-10-22T14:02:50.473000 | The Debrandify · Remove or Replace WordPress Branding plugin for WordPress is vu | |
| CVE-2024-9425 | 5.4 | 0.07% | 4 | 0 | 2024-10-22T13:55:04.537000 | The Advanced Category and Custom Taxonomy Image plugin for WordPress is vulnerab | |
| CVE-2024-8625 | 7.2 | 0.04% | 4 | 0 | 2024-10-21T21:31:52 | The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parame | |
| CVE-2024-7994 | 7.8 | 0.06% | 2 | 0 | 2024-10-21T18:35:55.397000 | A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a | |
| CVE-2024-9593 | 8.3 | 0.05% | 6 | 1 | 2024-10-21T17:10:22.857000 | The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to | |
| CVE-2024-8305 | 6.5 | 0.04% | 4 | 0 | 2024-10-21T15:32:39 | prepareUnique index may cause secondaries to crash due to incorrect enforcement | |
| CVE-2024-6519 | 8.3 | 0.04% | 4 | 0 | 2024-10-21T15:32:39 | A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Ad | |
| CVE-2024-9897 | 6.4 | 0.07% | 4 | 0 | 2024-10-19T12:30:39 | The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Store | |
| CVE-2024-9889 | 4.3 | 0.04% | 4 | 0 | 2024-10-19T09:30:53 | The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Se | |
| CVE-2023-6243 | 4.3 | 0.05% | 4 | 0 | 2024-10-19T09:30:48 | The EventON PRO - WordPress Virtual Event Calendar Plugin plugin for WordPress i | |
| CVE-2024-9219 | 6.1 | 0.05% | 4 | 0 | 2024-10-19T06:30:39 | The WordPress Social Share Buttons plugin for WordPress is vulnerable to Reflect | |
| CVE-2024-37404 | 9.1 | 0.04% | 2 | 0 | 2024-10-19T00:32:04 | Improper Input Validation in the admin portal of Ivanti Connect Secure before 22 | |
| CVE-2024-7316 | 5.9 | 0.04% | 2 | 0 | 2024-10-18T12:52:33.507000 | Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi E | |
| CVE-2024-7755 | 8.2 | 0.04% | 4 | 0 | 2024-10-18T12:52:33.507000 | The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An | |
| CVE-2024-40711 | 9.8 | 96.76% | 22 | 1 | 2024-10-18T12:51:11.257000 | A deserialization of untrusted data vulnerability with a malicious payload can a | |
| CVE-2024-4739 | 5.3 | 0.04% | 4 | 0 | 2024-10-18T09:31:27 | The lack of access restriction to a resource from unauthorized users makes MXsec | |
| CVE-2024-4740 | 5.3 | 0.05% | 4 | 0 | 2024-10-18T09:31:27 | MXsecurity software versions v1.1.0 and prior are vulnerable because of the use | |
| CVE-2024-9594 | 6.3 | 0.04% | 6 | 0 | 2024-10-17T20:28:43 | A security issue was discovered in the Kubernetes Image Builder versions <= v0.1 | |
| CVE-2024-9486 | 9.8 | 0.04% | 6 | 0 | 2024-10-17T20:28:18 | A security issue was discovered in the Kubernetes Image Builder versions <= v0.1 | |
| CVE-2024-45731 | 8.1 | 0.05% | 7 | 0 | 2024-10-17T15:32:17 | In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-p | |
| CVE-2024-45738 | 4.9 | 0.05% | 1 | 0 | 2024-10-17T15:32:16 | In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potent | |
| CVE-2024-45739 | 4.9 | 0.05% | 1 | 0 | 2024-10-17T15:32:16 | In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potent | |
| CVE-2024-21250 | 8.1 | 0.05% | 2 | 0 | 2024-10-17T15:31:09 | Vulnerability in the Oracle Process Manufacturing Product Development product of | |
| CVE-2024-21216 | 9.8 | 0.15% | 1 | 0 | 2024-10-17T15:31:09 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware | |
| CVE-2024-45713 | 5.1 | 0.04% | 1 | 0 | 2024-10-17T12:31:10 | SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerabi | |
| CVE-2024-9466 | 6.5 | 0.05% | 2 | 1 | 2024-10-17T06:31:37 | A cleartext storage of sensitive information vulnerability in Palo Alto Networks | |
| CVE-2024-9465 | 9.1 | 73.86% | 3 | 2 | template | 2024-10-17T06:30:32 | An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauth |
| CVE-2024-9473 | 7.8 | 0.04% | 1 | 0 | 2024-10-17T06:30:32 | A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app | |
| CVE-2024-9464 | 6.5 | 0.05% | 2 | 1 | 2024-10-17T06:30:32 | An OS command injection vulnerability in Palo Alto Networks Expedition allows an | |
| CVE-2024-7993 | 7.8 | 0.05% | 2 | 0 | 2024-10-17T00:32:47 | A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an | |
| CVE-2024-43532 | 8.8 | 0.05% | 2 | 0 | 2024-10-16T21:51:34.370000 | Remote Registry Service Elevation of Privilege Vulnerability | |
| CVE-2024-10004 | 9.1 | 0.04% | 2 | 0 | 2024-10-16T21:32:16 | Opening an external link to an HTTP website when Firefox iOS was previously clos | |
| CVE-2024-20461 | 6.0 | 0.04% | 3 | 0 | 2024-10-16T18:31:58 | A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter | |
| CVE-2024-45071 | 5.5 | 0.04% | 2 | 0 | 2024-10-16T18:31:58 | IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site | |
| CVE-2024-45072 | 5.5 | 0.05% | 2 | 0 | 2024-10-16T18:31:58 | IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External En | |
| CVE-2024-20463 | 5.4 | 0.04% | 3 | 0 | 2024-10-16T18:31:58 | A vulnerability in the web-based management interface of Cisco ATA 190 Series An | |
| CVE-2024-38814 | 8.8 | 0.05% | 5 | 0 | 2024-10-16T18:31:58 | An authenticated SQL injection vulnerability in VMware HCX was privately reporte | |
| CVE-2024-20512 | 6.1 | 0.04% | 3 | 0 | 2024-10-16T18:31:58 | A vulnerability in the web-based management interface of Cisco Unified Contact C | |
| CVE-2024-20462 | 5.5 | 0.04% | 3 | 0 | 2024-10-16T18:31:53 | A vulnerability in the web-based management interface of Cisco ATA 190 Series Mu | |
| CVE-2024-20421 | 7.1 | 0.04% | 3 | 0 | 2024-10-16T18:31:53 | A vulnerability in the web-based management interface of Cisco ATA 190 Series An | |
| CVE-2024-20458 | 8.2 | 0.04% | 5 | 0 | 2024-10-16T18:31:53 | A vulnerability in the web-based management interface of Cisco ATA 190 Series An | |
| CVE-2024-20459 | 6.5 | 0.04% | 3 | 0 | 2024-10-16T18:31:53 | A vulnerability in the web-based management interface of Cisco ATA 190 Multiplat | |
| CVE-2024-49265 | 6.5 | 0.04% | 2 | 1 | 2024-10-16T18:31:53 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2024-20460 | 6.1 | 0.04% | 3 | 1 | 2024-10-16T18:31:47 | A vulnerability in the web-based management interface of Cisco ATA 190 Series An | |
| CVE-2024-20280 | 6.3 | 0.04% | 3 | 1 | 2024-10-16T18:31:46 | A vulnerability in the backup feature of Cisco UCS Central Software could allow | |
| CVE-2024-20420 | 5.4 | 0.04% | 3 | 1 | 2024-10-16T18:31:46 | A vulnerability in the web-based management interface of Cisco ATA 190 Series An | |
| CVE-2024-29155 | 4.3 | 0.04% | 2 | 1 | 2024-10-16T18:31:44 | On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutp | |
| CVE-2024-21258 | 5.3 | 0.05% | 2 | 0 | 2024-10-16T18:31:40 | Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (c | |
| CVE-2024-21259 | 7.6 | 0.05% | 2 | 0 | 2024-10-16T18:31:40 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (comp | |
| CVE-2024-21260 | 7.5 | 0.05% | 2 | 0 | 2024-10-16T18:31:40 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware | |
| CVE-2024-8977 | 8.1 | 0.07% | 1 | 0 | 2024-10-16T17:10:13.220000 | An issue has been discovered in GitLab EE affecting all versions starting from 1 | |
| CVE-2024-6530 | 5.4 | 0.04% | 1 | 0 | 2024-10-16T16:53:08.487000 | A cross-site scripting issue has been discovered in GitLab affecting all version | |
| CVE-2024-9893 | 9.8 | 0.06% | 4 | 0 | 2024-10-16T16:38:14.557000 | The Nextend Social Login Pro plugin for WordPress is vulnerable to authenticatio | |
| CVE-2024-45844 | 7.2 | 0.04% | 4 | 1 | 2024-10-16T15:32:19 | BIG-IP monitor functionality may allow an attacker to bypass access control rest | |
| CVE-2024-47139 | 6.8 | 0.04% | 1 | 0 | 2024-10-16T15:32:19 | A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page | |
| CVE-2024-9680 | 9.8 | 0.32% | 41 | 1 | 2024-10-16T15:07:36.123000 | An attacker was able to achieve code execution in the content process by exploit | |
| CVE-2024-28987 | 9.1 | 96.02% | 17 | 1 | 2024-10-16T13:05:08.363000 | The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credentia | |
| CVE-2024-45711 | 7.5 | 0.05% | 1 | 0 | 2024-10-16T09:30:39 | SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where r | |
| CVE-2024-9061 | 7.3 | 0.05% | 2 | 1 | 2024-10-16T09:30:38 | The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for | |
| CVE-2024-45715 | 7.0 | 0.04% | 1 | 0 | 2024-10-16T09:30:38 | The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability | |
| CVE-2024-45710 | 7.8 | 0.04% | 1 | 0 | 2024-10-16T09:30:38 | SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local | |
| CVE-2024-45714 | 4.8 | 0.05% | 1 | 0 | 2024-10-16T09:30:38 | Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacke | |
| CVE-2024-30088 | 7.0 | 0.42% | 11 | 6 | 2024-10-16T01:00:01.723000 | Windows Kernel Elevation of Privilege Vulnerability | |
| CVE-2024-38204 | 7.5 | 0.09% | 3 | 0 | 2024-10-16T00:31:04 | Improper Access Control in Imagine Cup allows an authorized attacker to elevate | |
| CVE-2024-38139 | 8.7 | 0.05% | 3 | 0 | 2024-10-16T00:31:03 | Improper authentication in Microsoft Dataverse allows an authorized attacker to | |
| CVE-2024-38190 | 8.6 | 0.09% | 3 | 0 | 2024-10-16T00:31:03 | Missing authorization in Power Platform allows an unauthenticated attacker to vi | |
| CVE-2024-45085 | 5.9 | 0.05% | 2 | 0 | 2024-10-16T00:31:03 | IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under | |
| CVE-2024-21265 | 8.1 | 0.05% | 2 | 0 | 2024-10-16T00:30:58 | Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (compone | |
| CVE-2024-21266 | 8.1 | 0.05% | 2 | 0 | 2024-10-16T00:30:58 | Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite | |
| CVE-2024-9796 | 5.9 | 0.11% | 2 | 1 | 2024-10-15T21:31:40 | The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and esc | |
| CVE-2024-31955 | 4.9 | 0.04% | 2 | 0 | 2024-10-15T21:30:47 | An issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. | |
| CVE-2024-21255 | 8.8 | 0.05% | 2 | 0 | 2024-10-15T21:30:46 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleS | |
| CVE-2024-21257 | 3.0 | 0.04% | 2 | 0 | 2024-10-15T21:30:46 | Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: | |
| CVE-2024-21251 | 3.1 | 0.04% | 2 | 0 | 2024-10-15T21:30:46 | Vulnerability in the Java VM component of Oracle Database Server. Supported ver | |
| CVE-2024-21261 | 4.9 | 0.04% | 2 | 0 | 2024-10-15T21:30:46 | Vulnerability in Oracle Application Express (component: General). Supported ver | |
| CVE-2024-47874 | None | 0.04% | 1 | 0 | 2024-10-15T19:56:07 | ### Summary Starlette treats `multipart/form-data` parts without a `filename` as | |
| CVE-2024-47824 | None | 0.04% | 1 | 0 | 2024-10-15T19:56:06 | ### Impact matrix-react-sdk before 3.102.0 allows a malicious homeserver to pot | |
| CVE-2024-9471 | 4.7 | 0.04% | 1 | 0 | 2024-10-15T18:30:50 | A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks P | |
| CVE-2024-9469 | 5.5 | 0.04% | 1 | 0 | 2024-10-15T18:30:49 | A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent | |
| CVE-2024-42640 | 9.8 | 0.04% | 4 | 1 | 2024-10-15T17:35:04.623000 | angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote c | |
| CVE-2024-9467 | 6.1 | 0.05% | 1 | 0 | 2024-10-15T15:30:46 | A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution | |
| CVE-2024-9463 | 7.5 | 91.34% | 3 | 0 | template | 2024-10-15T15:30:45 | An OS command injection vulnerability in Palo Alto Networks Expedition allows an |
| CVE-2024-8048 | 7.8 | 0.05% | 2 | 0 | 2024-10-15T14:56:24.687000 | In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code ex | |
| CVE-2024-8014 | 8.8 | 0.05% | 2 | 0 | 2024-10-15T14:54:09.580000 | In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a code ex | |
| CVE-2024-45315 | 0 | 0.07% | 1 | 0 | 2024-10-15T12:58:51.050000 | The Improper link resolution before file access ('Link Following') vulnerability | |
| CVE-2024-45734 | 4.3 | 0.04% | 1 | 0 | 2024-10-14T18:30:37 | In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user tha | |
| CVE-2024-45741 | 5.4 | 0.04% | 1 | 0 | 2024-10-14T18:30:37 | In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform ve | |
| CVE-2024-45735 | 4.3 | 0.04% | 1 | 0 | 2024-10-14T18:30:37 | In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway v | |
| CVE-2024-45740 | 5.4 | 0.04% | 1 | 0 | 2024-10-14T18:30:37 | In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform ve | |
| CVE-2024-45736 | 6.5 | 0.04% | 1 | 0 | 2024-10-14T18:30:32 | In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Pla | |
| CVE-2024-45732 | 7.1 | 0.05% | 1 | 0 | 2024-10-14T18:30:32 | In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and S | |
| CVE-2024-45733 | 8.8 | 0.05% | 1 | 0 | 2024-10-14T18:30:32 | In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privilege | |
| CVE-2024-45737 | 4.3 | 0.04% | 1 | 0 | 2024-10-14T18:30:31 | In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Pla | |
| CVE-2024-9936 | None | 0.04% | 1 | 0 | 2024-10-14T15:30:54 | When manipulating the selection node cache, an attacker may have been able to ca | |
| CVE-2024-9821 | 8.8 | 0.05% | 2 | 1 | 2024-10-12T03:30:47 | The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensit | |
| CVE-2024-45316 | 7.8 | 0.07% | 1 | 0 | 2024-10-12T00:31:53 | The Improper link resolution before file access ('Link Following') vulnerability | |
| CVE-2024-9707 | 9.8 | 0.06% | 2 | 1 | 2024-10-11T15:30:45 | The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin ins | |
| CVE-2024-9234 | 9.8 | 0.04% | 2 | 1 | template | 2024-10-11T15:30:44 | The GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block |
| CVE-2024-9164 | 9.6 | 0.04% | 2 | 0 | 2024-10-11T15:30:44 | An issue was discovered in GitLab EE affecting all versions starting from 12.5 p | |
| CVE-2024-45317 | None | 0.04% | 1 | 0 | 2024-10-11T15:30:44 | A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware | |
| CVE-2024-5005 | 4.3 | 0.04% | 1 | 0 | 2024-10-11T15:30:44 | An issue has been discovered discovered in GitLab EE/CE affecting all versions s | |
| CVE-2024-8970 | 8.2 | 0.04% | 1 | 0 | 2024-10-11T15:30:44 | An issue was discovered in GitLab CE/EE affecting all versions starting from 11. | |
| CVE-2024-9312 | 7.6 | 0.04% | 1 | 0 | 2024-10-11T02:30:30 | CVE description: Authd, through version 0.3.6, did not sufficiently randomize u | |
| CVE-2024-9487 | None | 0.04% | 1 | 0 | 2024-10-11T00:31:40 | An improper verification of cryptographic signature vulnerability was identified | |
| CVE-2024-9380 | 7.2 | 4.64% | 7 | 0 | 2024-10-10T18:32:16 | An OS command injection vulnerability in the admin web console of Ivanti CSA bef | |
| CVE-2024-9596 | 3.7 | 0.05% | 1 | 0 | 2024-10-10T12:31:19 | An issue has been discovered in GitLab EE affecting all versions starting from 1 | |
| CVE-2024-9623 | 4.9 | 0.05% | 1 | 0 | 2024-10-10T12:31:19 | An issue was discovered in GitLab CE/EE affecting all versions starting from 8.1 | |
| CVE-2024-45519 | 10.0 | 76.66% | 1 | 3 | template | 2024-10-10T00:32:08 | The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 |
| CVE-2024-38815 | 4.3 | 0.04% | 1 | 0 | 2024-10-09T21:31:14 | VMware NSX contains a content spoofing vulnerability. An unauthenticated malic | |
| CVE-2024-38818 | 6.7 | 0.04% | 1 | 0 | 2024-10-09T21:31:14 | VMware NSX contains a local privilege escalation vulnerability. An authenticat | |
| CVE-2024-38817 | 6.7 | 0.04% | 1 | 0 | 2024-10-09T21:31:14 | Mware NSX contains a command injection vulnerability. A malicious actor with a | |
| CVE-2024-9468 | None | 0.04% | 1 | 0 | 2024-10-09T18:31:50 | A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows a | |
| CVE-2024-9470 | None | 0.04% | 1 | 0 | 2024-10-09T18:31:50 | A vulnerability in Cortex XSOAR allows the disclosure of incident data to users | |
| CVE-2024-8015 | 9.1 | 0.05% | 2 | 0 | 2024-10-09T15:32:28 | In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a rem | |
| CVE-2024-43047 | 7.8 | 0.06% | 4 | 0 | 2024-10-09T14:39:06.540000 | Memory corruption while maintaining memory maps of HLOS memory. | |
| CVE-2024-43601 | 7.1 | 0.04% | 1 | 0 | 2024-10-08T18:33:29 | Visual Studio Code for Linux Remote Code Execution Vulnerability | |
| CVE-2024-9379 | 6.5 | 0.76% | 6 | 0 | 2024-10-08T18:33:24 | SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows | |
| CVE-2024-20659 | 7.1 | 0.05% | 2 | 0 | 2024-10-08T18:33:24 | Windows Hyper-V Security Feature Bypass Vulnerability | |
| CVE-2024-9381 | 7.2 | 0.05% | 7 | 0 | 2024-10-08T18:33:23 | Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated | |
| CVE-2024-9441 | 9.8 | 0.04% | 1 | 2 | 2024-10-04T13:50:43.727000 | The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS comma | |
| CVE-2024-44193 | 8.4 | 0.04% | 1 | 1 | 2024-10-03T21:32:08 | A logic issue was addressed with improved restrictions. This issue is fixed in i | |
| CVE-2024-38813 | 7.5 | 0.09% | 4 | 0 | 2024-10-02T15:31:39 | The vCenter Server contains a privilege escalation vulnerability. A malicious ac | |
| CVE-2024-38812 | 9.8 | 0.09% | 15 | 0 | 2024-10-02T15:30:37 | The vCenter Server contains a heap-overflow vulnerability in the implementation | |
| CVE-2024-44133 | 5.5 | 0.04% | 11 | 0 | 2024-09-24T18:31:24 | This issue was addressed by removing the vulnerable code. This issue is fixed in | |
| CVE-2024-8260 | 6.1 | 0.04% | 2 | 0 | 2024-09-20T22:06:12 | A SMB force-authentication vulnerability exists in all versions of OPA for Windo | |
| CVE-2024-7254 | 0 | 0.04% | 3 | 0 | 2024-09-20T12:30:17.483000 | Any project that parses untrusted Protocol Buffers data containing an arbitrary | |
| CVE-2024-8698 | 7.7 | 0.90% | 1 | 1 | template | 2024-09-19T21:34:31 | A flaw exists in the SAML signature validation method within the Keycloak XMLSig |
| CVE-2024-8963 | 9.4 | 30.99% | 2 | 0 | 2024-09-19T18:30:58 | Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenti | |
| CVE-2024-45409 | 10.0 | 16.41% | 4 | 1 | 2024-09-16T15:29:27 | Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature | |
| CVE-2024-8529 | 10.0 | 0.09% | 2 | 1 | 2024-09-12T09:31:27 | The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL | |
| CVE-2024-8190 | 7.2 | 15.12% | 2 | 2 | 2024-09-10T21:31:40 | An OS command injection vulnerability in Ivanti Cloud Services Appliance version | |
| CVE-2024-43965 | 8.2 | 0.09% | 2 | 1 | 2024-08-29T18:31:42 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2019-7256 | 9.8 | 97.25% | 1 | 0 | template | 2024-08-13T19:20:23.200000 | Linear eMerge E3-Series devices allow Command Injections. |
| CVE-2024-38178 | 7.5 | 1.32% | 7 | 0 | 2024-08-13T18:31:21 | Scripting Engine Memory Corruption Vulnerability | |
| CVE-2024-21147 | 7.4 | 0.09% | 1 | 0 | 2024-08-13T03:32:22 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Ente | |
| CVE-2024-38200 | 7.5 | 0.56% | 1 | 1 | 2024-08-12T15:30:50 | Microsoft Office Spoofing Vulnerability | |
| CVE-2024-5910 | None | 0.90% | 1 | 0 | 2024-08-09T05:01:56 | Missing authentication for a critical function in Palo Alto Networks Expedition | |
| CVE-2024-6197 | 7.5 | 0.07% | 1 | 0 | 2024-08-01T15:33:14 | libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 | |
| CVE-2024-7135 | 6.5 | 0.10% | 2 | 1 | 2024-07-31T12:31:48 | The Tainacan plugin for WordPress is vulnerable to unauthorized access of data d | |
| CVE-2024-38094 | 7.2 | 0.09% | 2 | 0 | 2024-07-09T18:31:01 | Microsoft SharePoint Remote Code Execution Vulnerability | |
| CVE-2024-37383 | 6.1 | 0.04% | 2 | 0 | 2024-07-03T18:44:17 | Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate | |
| CVE-2024-29824 | 9.6 | 36.33% | 1 | 3 | template | 2024-07-03T18:43:59 | An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 |
| CVE-2024-30052 | 4.7 | 0.06% | 1 | 1 | 2024-07-02T14:20:55.230000 | Visual Studio Remote Code Execution Vulnerability | |
| CVE-2024-4577 | 9.8 | 96.32% | 1 | 53 | 2024-06-21T21:35:02 | In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, wh | |
| CVE-2024-4367 | None | 0.04% | 1 | 10 | 2024-06-10T20:18:19 | ### Impact If pdf.js is used to load a malicious PDF, and PDF.js is configured w | |
| CVE-2024-35219 | 8.3 | 0.04% | 2 | 0 | 2024-05-28T15:47:59 | ### Impact Attackers can exploit the vulnerability to read and delete files and | |
| CVE-2020-1472 | 5.5 | 52.41% | 1 | 1 | 2024-05-23T17:56:29.137000 | An elevation of privilege vulnerability exists when an attacker establishes a vu | |
| CVE-2024-29131 | 6.5 | 0.04% | 1 | 0 | 2024-05-02T18:47:15 | This Out-of-bounds Write vulnerability in Apache Commons Configuration affects A | |
| CVE-2023-2868 | 9.4 | 7.88% | 1 | 4 | 2024-04-04T05:46:09 | A remote command injection vulnerability exists in the Barracuda Email Security | |
| CVE-2023-7028 | 10.0 | 95.76% | 1 | 14 | template | 2024-03-14T05:02:56 | An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 pr |
| CVE-2024-23113 | 9.8 | 1.84% | 10 | 5 | 2024-02-15T15:30:37 | A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 | |
| CVE-1999-0113 | 0 | 1.58% | 2 | 0 | 2024-02-13T17:55:39.687000 | Some implementations of rlogin allow root access if given a -froot parameter. | |
| CVE-2022-24785 | 7.5 | 0.33% | 1 | 0 | 2023-11-29T22:04:56 | ### Impact This vulnerability impacts npm (server) users of moment.js, especiall | |
| CVE-2022-31129 | 7.5 | 0.76% | 1 | 0 | 2023-11-29T22:02:29 | ### Impact * using string-to-date parsing in moment (more specifically rfc2822 | |
| CVE-2022-31197 | 7.1 | 0.12% | 1 | 0 | 2023-10-30T13:06:31 | ### Impact _What kind of vulnerability is it? Who is impacted?_ The PGJDBC impl | |
| CVE-2022-41128 | 8.8 | 56.24% | 1 | 0 | 2023-05-28T05:01:06 | Windows Scripting Languages Remote Code Execution Vulnerability. This CVE ID is | |
| CVE-2022-40684 | 9.8 | 97.37% | 1 | 1 | template | 2023-03-27T18:30:24 | An authentication bypass using an alternate path or channel [CWE-288] in Fortine |
| CVE-2017-11882 | 7.8 | 97.44% | 1 | 34 | 2023-02-01T05:03:36 | Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Micr | |
| CVE-2020-1380 | 7.5 | 20.70% | 1 | 0 | 2023-01-29T05:03:44 | A remote code execution vulnerability exists in the way that the scripting engin | |
| CVE-2022-26134 | 9.8 | 97.40% | 2 | 75 | template | 2023-01-27T05:03:24 | In affected versions of Confluence Server and Data Center, an OGNL injection vul |
| CVE-2017-5715 | 5.6 | 97.52% | 2 | 20 | 2021-08-16T09:15:06.987000 | Systems with microprocessors utilizing speculative execution and indirect branch | |
| CVE-2024-9050 | 0 | 0.00% | 2 | 0 | N/A | ||
| CVE-2021-41277 | 0 | 95.15% | 2 | 13 | template | N/A | |
| CVE-2024-38819 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2024-28988 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2024-24919 | 0 | 94.03% | 1 | 53 | template | N/A | |
| CVE-2024-9631 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2024-9427 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2024-47176 | 0 | 0.06% | 1 | 13 | N/A |
updated 2024-10-22T17:33:23.837000
16 posts
CVE Alert: CVE-2024-9537 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9537/
##CVE Alert: CVE-2024-9537 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9537/
##CVE Alert: CVE-2024-9537 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9537/
##CVE Alert: CVE-2024-9537 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9537/
###CISA adds new entries to the KEV catalogue:
- ScienceLogic SL1 Unspecified Vulnerability CVE-2024-9537 https://www.cve.org/CVERecord?id=CVE-2024-9537
- Industrial Control Systems Advisory https://www.cisa.gov/news-events/alerts/2024/10/22/cisa-releases-one-industrial-control-systems-advisory @cisacyber #cybersecurity #Infosec
##CVE-2024-9537: CISA Warns of Unpatched ScienceLogic SL1 Exploit in Active Use https://thecyberexpress.com/cve-2024-9537-sciencelogic-sl1-exploit/ #CybersecurityandInfrastructureSecurityAgency #knownexploitedvulnerabilities #ScienceLogicSL1vulnerability #VulnerabilityManagement #TheCyberExpressNews #Vulnerabilities #ScienceLogicSL1 #TheCyberExpress #FirewallDaily #KEVCatalog #CyberNews #CISA
##CVE ID: CVE-2024-9537
Vendor: ScienceLogic
Product: SL1
Date Added: 2024-10-21
Vulnerability: ScienceLogic SL1 Unspecified Vulnerability
Notes: https://support.sciencelogic.com/s/article/15527 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9537
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9537
#CISA has added one entry to the KEV catalogue:
- ScienceLogic SL1 Unspecified Vulnerability CVE-2024-9537 https://www.cve.org/CVERecord?id=CVE-2024-9537 @cisacyber #cybersecurity #Infosec
##Aside from having one of the worst vulnerability disclosure processes from any vendor, ScienceLogic also now has a CVE allocated by... CISA.
Maybe they can make legal threats to the USG this time... or hire some security people. https://www.cve.org/CVERecord?id=CVE-2024-9537
##A CVE has been allocated for the ScienceLogic ‘third party application’ zero day that lead to the Rackspace breach. CVE-2024-9537
Patches have been made available finally.
The articles for it are all behind a paywall on ScienceLogic portal.
The vulnerability description is an “unspecified vulnerability”.
Friday night dump.
###CISA adds new entries to the KEV catalogue:
- ScienceLogic SL1 Unspecified Vulnerability CVE-2024-9537 https://www.cve.org/CVERecord?id=CVE-2024-9537
- Industrial Control Systems Advisory https://www.cisa.gov/news-events/alerts/2024/10/22/cisa-releases-one-industrial-control-systems-advisory @cisacyber #cybersecurity #Infosec
##CVE-2024-9537: CISA Warns of Unpatched ScienceLogic SL1 Exploit in Active Use https://thecyberexpress.com/cve-2024-9537-sciencelogic-sl1-exploit/ #CybersecurityandInfrastructureSecurityAgency #knownexploitedvulnerabilities #ScienceLogicSL1vulnerability #VulnerabilityManagement #TheCyberExpressNews #Vulnerabilities #ScienceLogicSL1 #TheCyberExpress #FirewallDaily #KEVCatalog #CyberNews #CISA
##CVE ID: CVE-2024-9537
Vendor: ScienceLogic
Product: SL1
Date Added: 2024-10-21
Vulnerability: ScienceLogic SL1 Unspecified Vulnerability
Notes: https://support.sciencelogic.com/s/article/15527 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9537
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9537
#CISA has added one entry to the KEV catalogue:
- ScienceLogic SL1 Unspecified Vulnerability CVE-2024-9537 https://www.cve.org/CVERecord?id=CVE-2024-9537 @cisacyber #cybersecurity #Infosec
##Aside from having one of the worst vulnerability disclosure processes from any vendor, ScienceLogic also now has a CVE allocated by... CISA.
Maybe they can make legal threats to the USG this time... or hire some security people. https://www.cve.org/CVERecord?id=CVE-2024-9537
##A CVE has been allocated for the ScienceLogic ‘third party application’ zero day that lead to the Rackspace breach. CVE-2024-9537
Patches have been made available finally.
The articles for it are all behind a paywall on ScienceLogic portal.
The vulnerability description is an “unspecified vulnerability”.
Friday night dump.
##updated 2024-10-22T14:02:50.473000
4 posts
CVE Alert: CVE-2024-9674 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9674/
##CVE Alert: CVE-2024-9674 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9674/
##CVE Alert: CVE-2024-9674 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9674/
##CVE Alert: CVE-2024-9674 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9674/
##updated 2024-10-22T13:55:04.537000
4 posts
CVE Alert: CVE-2024-9425 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9425/
##CVE Alert: CVE-2024-9425 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9425/
##CVE Alert: CVE-2024-9425 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9425/
##CVE Alert: CVE-2024-9425 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9425/
##updated 2024-10-21T21:31:52
4 posts
CVE Alert: CVE-2024-8625 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8625/
##CVE Alert: CVE-2024-8625 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8625/
##CVE Alert: CVE-2024-8625 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8625/
##CVE Alert: CVE-2024-8625 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8625/
##updated 2024-10-21T18:35:55.397000
2 posts
CVE Alert: CVE-2024-7994 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7994/
##CVE Alert: CVE-2024-7994 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7994/
##updated 2024-10-21T17:10:22.857000
6 posts
1 repos
CVE Alert: CVE-2024-9593 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9593/
##CVE Alert: CVE-2024-9593 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9593/
##CVE Alert: CVE-2024-9593 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9593/
##CVE Alert: CVE-2024-9593 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9593/
##updated 2024-10-21T15:32:39
4 posts
CVE Alert: CVE-2024-8305 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8305/
##CVE Alert: CVE-2024-8305 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8305/
##CVE Alert: CVE-2024-8305 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8305/
##CVE Alert: CVE-2024-8305 - https://www.redpacketsecurity.com/cve_alert_cve-2024-8305/
##updated 2024-10-21T15:32:39
4 posts
CVE Alert: CVE-2024-6519 - https://www.redpacketsecurity.com/cve_alert_cve-2024-6519/
##CVE Alert: CVE-2024-6519 - https://www.redpacketsecurity.com/cve_alert_cve-2024-6519/
##CVE Alert: CVE-2024-6519 - https://www.redpacketsecurity.com/cve_alert_cve-2024-6519/
##CVE Alert: CVE-2024-6519 - https://www.redpacketsecurity.com/cve_alert_cve-2024-6519/
##updated 2024-10-19T12:30:39
4 posts
CVE Alert: CVE-2024-9897 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9897/
##CVE Alert: CVE-2024-9897 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9897/
##CVE Alert: CVE-2024-9897 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9897/
##CVE Alert: CVE-2024-9897 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9897/
##updated 2024-10-19T09:30:53
4 posts
CVE Alert: CVE-2024-9889 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9889/
##CVE Alert: CVE-2024-9889 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9889/
##CVE Alert: CVE-2024-9889 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9889/
##CVE Alert: CVE-2024-9889 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9889/
##updated 2024-10-19T09:30:48
4 posts
CVE Alert: CVE-2023-6243 - https://www.redpacketsecurity.com/cve_alert_cve-2023-6243/
##CVE Alert: CVE-2023-6243 - https://www.redpacketsecurity.com/cve_alert_cve-2023-6243/
##CVE Alert: CVE-2023-6243 - https://www.redpacketsecurity.com/cve_alert_cve-2023-6243/
##CVE Alert: CVE-2023-6243 - https://www.redpacketsecurity.com/cve_alert_cve-2023-6243/
##updated 2024-10-19T06:30:39
4 posts
CVE Alert: CVE-2024-9219 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9219/
##CVE Alert: CVE-2024-9219 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9219/
##CVE Alert: CVE-2024-9219 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9219/
##CVE Alert: CVE-2024-9219 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9219/
##updated 2024-10-19T00:32:04
2 posts
@cR0w did you see the AmberWolf blog? https://infosec.exchange/@screaminggoat/113278404949270225
Ivanti sat on the Connect Secure vulnerability CVE-2024-37404 for 90 days, then silently patched it.
##AmberWolf: Ivanti Connect Secure - Authenticated RCE via OpenSSL CRLF Injection (CVE-2024-37404)
Reference: CVE-2024-37404 (9.1 critical, disclosed 08 October 2024 by Ivanti) Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution.
Never heard of AmberWolf before this, and they don't mess around: They are the vulnerability reporters and they drop a same-day proof of concept for CVE-2024-37404. In bird culture, that would normally be considered a dick move. In their defense though, look at the timeline: Ivanti sat on the vulnerability for over 90 days, and then admitted that they silently patched it in ICS 22.7R2.1 after AmberWolf threatened to publish vulnerability details back on 16 September 2024. They agreed on a coordinated disclosure date of October's Patch Tuesday (8th).
So Ivanti Connect Secure versions prior to 22.7R2.1 and 22.7R2.2, and Ivanti Policy Secure versions prior to 22.7R1.1, contain a "Carriage Return Line Feed" (CRLF) injection vulnerability which could be exploited by an authenticated administrator to execute arbitrary code with root privileges. It is fixed by updating to ICS version 22.7R2.1, 22.7R2.2, or Ivanti Policy Secure 22.7R1.1. Their proof of concept is a POST request containing a CRLF and OpenSSL payload resulting in a reverse shell running under the root user.
Hilariously, they also confirm Eclypsium's findings that the Ivanti Connect Secure appliance is based on the 11 year old Linux CentOS 6.4.
#ivanti #vulnerability #CVE_2024_37404 #cve #proofofconcept #vulnerabilityanalysis #crlf
##updated 2024-10-18T12:52:33.507000
2 posts
CVE Alert: CVE-2024-7316 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7316/
##CVE Alert: CVE-2024-7316 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7316/
##updated 2024-10-18T12:52:33.507000
4 posts
CVE Alert: CVE-2024-7755 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7755/
##CVE Alert: CVE-2024-7755 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7755/
##CVE Alert: CVE-2024-7755 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7755/
##CVE Alert: CVE-2024-7755 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7755/
##updated 2024-10-18T12:51:11.257000
22 posts
1 repos
Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups https://thecyberexpress.com/critical-veeam-vulnerability-2/ #remotecodeexecution #TheCyberExpressNews #Backup&Replication #Veeamvulnerability #Vulnerabilities #TheCyberExpress #FirewallDaily #Fogransomware #CVE202440711 #CyberNews #akira
##Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups https://thecyberexpress.com/critical-veeam-vulnerability-2/ #remotecodeexecution #TheCyberExpressNews #Backup&Replication #Veeamvulnerability #Vulnerabilities #TheCyberExpress #FirewallDaily #Fogransomware #CVE202440711 #CyberNews #akira
##Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups https://thecyberexpress.com/critical-veeam-vulnerability-2/ #remotecodeexecution #TheCyberExpressNews #Backup&Replication #Veeamvulnerability #Vulnerabilities #TheCyberExpress #FirewallDaily #Fogransomware #CVE202440711 #CyberNews #akira
##Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups https://thecyberexpress.com/critical-veeam-vulnerability-2/ #remotecodeexecution #TheCyberExpressNews #Backup&Replication #Veeamvulnerability #Vulnerabilities #TheCyberExpress #FirewallDaily #Fogransomware #CVE202440711 #CyberNews #akira
##CISA confirms Veeam vulnerability is being used in ransomware attacks
CISA added CVE-2024-40711 to its Known Exploited Vulnerabilities database and specified that the bug in Veeam software products is being used to...
🔗️ [Therecord] https://link.is.it/n7tqri
##Update: CISA has added CVE-2024-40711: Veeam Backup and Replication Deserialization Vulnerability to its 'Known Exploited Vulnerabilities' catalog.
Link: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Veeam Backup and Replication Deserialization Vulnerability (CVE-2024-40711) https://fortiguard.fortinet.com/threat-signal-report/5559
##Unpatched Veeam and VPNs leveraged in recent ransomware attacks.
Veeam CVE-2024-40711 combined with vulnerable VPNs and remote access gateways equals ransomware attacks against a wide variety of organizations with limited IT resources.
http://thepacketrat.com/2024/10/17/unpatched-veeam-and-vpns-leveraged-in-recent-ransomware-attacks/
##CISA confirms Veeam vulnerability is being used in ransomware attacks
CISA added CVE-2024-40711 to its Known Exploited Vulnerabilities database and specified that the bug in Veeam software products is being used to...
🔗️ [Therecord] https://link.is.it/n7tqri
##Veeam Backup and Replication Deserialization Vulnerability (CVE-2024-40711) https://fortiguard.fortinet.com/threat-signal-report/5559
##Unpatched Veeam and VPNs leveraged in recent ransomware attacks.
Veeam CVE-2024-40711 combined with vulnerable VPNs and remote access gateways equals ransomware attacks against a wide variety of organizations with limited IT resources.
http://thepacketrat.com/2024/10/17/unpatched-veeam-and-vpns-leveraged-in-recent-ransomware-attacks/
###CISA has updated the KEV catalogue:
- CVE-2024-40711: #Veeam Backup and Replication Deserialization Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-40711
- Seven Industrial Control Systems Advisories https://www.cisa.gov/news-events/alerts/2024/10/17/cisa-releases-seven-industrial-control-systems-advisories @cisacyber #cybersecurity #infosec
##CVE ID: CVE-2024-40711
Vendor: Veeam
Product: Backup & Replication
Date Added: 2024-10-17
Vulnerability: Veeam Backup and Replication Deserialization Vulnerability
Notes: https://www.veeam.com/kb4649 ; https://nvd.nist.gov/vuln/detail/CVE-2024-40711
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-40711
Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups
https://thecyberexpress.com/critical-veeam-vulnerability-2/?utm_source=flipboard&utm_medium=activitypub
Posted into Cybersecurity Today @cybersecurity-today-rhudaur
##CISA: CISA Adds One Known Exploited Vulnerability to Catalog
Hot off the press! CVE-2024-40711 (9.8 critical, disclosed 04 September 2024 by Veeam, has Proof of Concept and vulnerability details) Veeam Backup and Replication Deserialization Vulnerability
On 10 October 2024, @SophosXOps warned that Akira and Fog ransomware attacks were leveraging CVE-2024-40711 .
cc: @neurovagrant @ntkramer @iagox86
#CISA #KEV #CISAKEV #CVE_2024_40711 #veeam #vulnerability #cve #eitw #activeexploitation #ransomware #threatintel #infosec #cybersecurity #cyberthreatintelligence #CTI
##Critical Vulnerability in Veeam Products Exploited by Ransomware Gangs
CVE-2024-40711 in Veeam Backup & Replication, with a CVSS score of 9.8, is being exploited for ransomware attacks. Veeam issued a patch in version...
🔗️ [Cyble] https://link.is.it/5zqsxh
##Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware. https://thehackernews.com/2024/10/critical-veeam-vulnerability-exploited.html
##Cette faille critique dans Veeam Backup & Replication est exploitée par les ransomwares Akira et Fog ! https://www.it-connect.fr/faille-critique-veeam-ransomwares-akira-et-fog-cve-2024-40711/ #ActuCybersécurité
##@codewhitesec @frycos I'm sure you've already seen @SinSinology's assessment of CVE-2024-40711, particularly where he noted both the deserialization of untrusted data, but also an improper authentication bug that Veeam silently patched? https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/
##@SophosXOps warns that ransomware actors are leveraging compromised credentials (VPN gateways without multifactor authentication enabled) and a Veeam vulnerability CVE-2024-40711 to create an account and attempt to deploy ransomware. https://infosec.exchange/@SophosXOps/113284564225476186 Indicators in 4 cases overlap with earlier Akira and Fog ransomware attacks.
Reference: CVE-2024-40711 (9.8 critical, disclosed 04 September 2024 by Veeam, has Proof of Concept and vulnerability details) Veeam Backup & Replication Remote Code Execution Vulnerability (deserialization of untrusted data)
#fogransomware #akira #ransomware #CVE_2024_40711 #veeam #vulnerability #eitw #activeexploitation #threatintel #infosec #cybersecurity #cyberthreatintelligence #cti
##Hey @frycos @codewhitesec doesn't CVE-2024-40711 look familiar to you? Strange coincidence that I spot it in your public vulnerabilities list, and @SophosXOps warns of its exploitation minutes later.
##Sophos X-Ops MDR and Incident Response are tracking a series of attacks in the past month leveraging compromised credentials and a known vulnerability in Veeam (CVE-2024-40711) to create an account and attempt to deploy ransomware.
In one case, attackers dropped Fog ransomware. Another attack in the same timeframe attempted to deploy Akira ransomware. Indicators in all 4 cases overlap with earlier Akira and Fog ransomware attacks.
In each of the cases, attackers initially accessed targets using compromised VPN gateways without multifactor authentication enabled. Some of these VPNs were running unsupported software versions.
Each time, the attackers exploited VEEAM on the URI /trigger on port 8000, triggering the Veeam.Backup.MountService.exe to spawn net.exe. The exploit creates a local account, "point," adding it to the local Administrators and Remote Desktop Users groups.
In the Fog ransomware incident, the attacker deployed it to an unprotected Hyper-V server, then used the utility rclone to exfiltrate data. Sophos endpoint protection and MDR prevented ransomware deployments in the other cases.
These cases underline the importance of patching known vulnerabilities, updating/replacing out-of-support VPNs, and using multifactor authentication to control remote access. Sophos X-Ops continues to track this threat behavior.
##updated 2024-10-18T09:31:27
4 posts
CVE Alert: CVE-2024-4739 - https://www.redpacketsecurity.com/cve_alert_cve-2024-4739/
##CVE Alert: CVE-2024-4739 - https://www.redpacketsecurity.com/cve_alert_cve-2024-4739/
##CVE Alert: CVE-2024-4739 - https://www.redpacketsecurity.com/cve_alert_cve-2024-4739/
##CVE Alert: CVE-2024-4739 - https://www.redpacketsecurity.com/cve_alert_cve-2024-4739/
##updated 2024-10-18T09:31:27
4 posts
CVE Alert: CVE-2024-4740 - https://www.redpacketsecurity.com/cve_alert_cve-2024-4740/
##CVE Alert: CVE-2024-4740 - https://www.redpacketsecurity.com/cve_alert_cve-2024-4740/
##CVE Alert: CVE-2024-4740 - https://www.redpacketsecurity.com/cve_alert_cve-2024-4740/
##CVE Alert: CVE-2024-4740 - https://www.redpacketsecurity.com/cve_alert_cve-2024-4740/
##updated 2024-10-17T20:28:43
6 posts
CVE Alert: CVE-2024-9594 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9594/
##CVE Alert: CVE-2024-9594 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9594/
##CVE Alert: CVE-2024-9594 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9594/
##CVE Alert: CVE-2024-9594 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9594/
##CVE-2024-9486 :: CVSS Score 9.8
Kubernetes Image Builder vulnerability may allow root level of access to Virtual Machines.. #PatchNOW
https://github.com/kubernetes/kubernetes/issues/128006
#Kubernetes
#Linux
#ComputerSecurity
#hacked
#Cyberattack
#infosec
#informationsecurity
#CyberSecurityAwareness
#DataBreach
#cybersecurity
CVE-2024-9594 #SuggestedRead #devopsish https://github.com/kubernetes/kubernetes/issues/128007
##updated 2024-10-17T20:28:18
6 posts
CVE Alert: CVE-2024-9486 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9486/
##CVE Alert: CVE-2024-9486 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9486/
##CVE Alert: CVE-2024-9486 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9486/
##CVE Alert: CVE-2024-9486 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9486/
##CVE-2024-9486 :: CVSS Score 9.8
Kubernetes Image Builder vulnerability may allow root level of access to Virtual Machines.. #PatchNOW
https://github.com/kubernetes/kubernetes/issues/128006
#Kubernetes
#Linux
#ComputerSecurity
#hacked
#Cyberattack
#infosec
#informationsecurity
#CyberSecurityAwareness
#DataBreach
#cybersecurity
CVE-2024-9486 #SuggestedRead #devopsish https://github.com/kubernetes/kubernetes/issues/128006
##updated 2024-10-17T15:32:17
7 posts
Splunk’s Recent Security Advisory: Addressing Vulnerabilities in Splunk Enterprise https://thecyberexpress.com/splunk-vulnerabilities/ #vulnerabilitiesinSplunk #SplunkVulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202445731 #CyberNews
##Splunk’s Recent Security Advisory: Addressing Vulnerabilities in Splunk Enterprise https://thecyberexpress.com/splunk-vulnerabilities/ #vulnerabilitiesinSplunk #SplunkVulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202445731 #CyberNews
##Splunk’s Recent Security Advisory: Addressing Vulnerabilities in Splunk Enterprise https://thecyberexpress.com/splunk-vulnerabilities/ #vulnerabilitiesinSplunk #SplunkVulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202445731 #CyberNews
##Splunk’s Recent Security Advisory: Addressing Vulnerabilities in Splunk Enterprise https://thecyberexpress.com/splunk-vulnerabilities/ #vulnerabilitiesinSplunk #SplunkVulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202445731 #CyberNews
##CVE Alert: CVE-2024-45731 - https://www.redpacketsecurity.com/cve_alert_cve-2024-45731/
##CVE Alert: CVE-2024-45731 - https://www.redpacketsecurity.com/cve_alert_cve-2024-45731/
##Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-17T15:32:16
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-17T15:32:16
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-17T15:31:09
2 posts
CVE Alert: CVE-2024-21250 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21250/
##CVE Alert: CVE-2024-21250 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21250/
##updated 2024-10-17T15:31:09
1 posts
Critical: CVE-2024-21216 :: CVSS 9.8
Update your Oracle WebLogic Server NOW!!
Technical Details:
https://patchnow24x7.com/blog-1/f/cve-2024-21216-oracle-patches-an-easy-to-exploit-vulnerability
#PatchNOW
#Oracle
#Vulnerability
#ComputerSecurity
#hacked
#Cyberattack
#infosec
#informationsecurity
#CyberSecurityAwareness
#DataBreach
#cybersecurity
updated 2024-10-17T12:31:10
1 posts
SolarWinds multiple security advisories: SolarWinds Security Vulnerabilities
No mention of exploitation.
##updated 2024-10-17T06:31:37
2 posts
1 repos
Palo Alto Networks security advisory: PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities Lead to Firewall Admin Account Takeover
See parent toot above for Horizon3 vulnerability details.
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##Horizon3: Palo Alto Expedition: From N-Day to Full Compromise
References:
Daaaaaaaamn @hacks_zach, Zach Hanley at it again with the Palo Alto Networks vulnerabilities. In trying to find CVE2-2024-5910 in Expedition (a configuration migration tool from a supported vendor to Palo Alto Networks PAN-OS), he found CVE-2024-9464, CVE-2024-9465 and CVE-2024-9466. It appears that CVE-2024-9465 (unauth SQL injection) leads to leaking credentials via "users" and "devices" tables which contain password hashes and device API keys. This is the CVE-2024-9466.
#paloaltonetworks #expedition #vulnerability #CVE #vulnerabilityanalysis
##updated 2024-10-17T06:30:32
3 posts
2 repos
@Viss @mttaggart dinna worry, lads. Palo Alto’s less-than-one-year-old Precision AI™ will keep their customers safe from this past week's SQL injection (a 20+ year old weakness category) vulnerability (CVE-2024-9465) in their own widely-used products. 100%. Guaranteed¹.
¹THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
##Palo Alto Networks security advisory: PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities Lead to Firewall Admin Account Takeover
See parent toot above for Horizon3 vulnerability details.
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##Horizon3: Palo Alto Expedition: From N-Day to Full Compromise
References:
Daaaaaaaamn @hacks_zach, Zach Hanley at it again with the Palo Alto Networks vulnerabilities. In trying to find CVE2-2024-5910 in Expedition (a configuration migration tool from a supported vendor to Palo Alto Networks PAN-OS), he found CVE-2024-9464, CVE-2024-9465 and CVE-2024-9466. It appears that CVE-2024-9465 (unauth SQL injection) leads to leaking credentials via "users" and "devices" tables which contain password hashes and device API keys. This is the CVE-2024-9466.
#paloaltonetworks #expedition #vulnerability #CVE #vulnerabilityanalysis
##updated 2024-10-17T06:30:32
1 posts
Happy #PatchTuesday on a Wednesday from Palo Alto Networks (includes a zero-day)
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##updated 2024-10-17T06:30:32
2 posts
1 repos
Palo Alto Networks security advisory: PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities Lead to Firewall Admin Account Takeover
See parent toot above for Horizon3 vulnerability details.
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##Horizon3: Palo Alto Expedition: From N-Day to Full Compromise
References:
Daaaaaaaamn @hacks_zach, Zach Hanley at it again with the Palo Alto Networks vulnerabilities. In trying to find CVE2-2024-5910 in Expedition (a configuration migration tool from a supported vendor to Palo Alto Networks PAN-OS), he found CVE-2024-9464, CVE-2024-9465 and CVE-2024-9466. It appears that CVE-2024-9465 (unauth SQL injection) leads to leaking credentials via "users" and "devices" tables which contain password hashes and device API keys. This is the CVE-2024-9466.
#paloaltonetworks #expedition #vulnerability #CVE #vulnerabilityanalysis
##updated 2024-10-17T00:32:47
2 posts
CVE Alert: CVE-2024-7993 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7993/
##CVE Alert: CVE-2024-7993 - https://www.redpacketsecurity.com/cve_alert_cve-2024-7993/
##updated 2024-10-16T21:51:34.370000
2 posts
From yesterday.
Akamai: Call and Register — Relay Attack on WinReg RPC Client - CVE-2024-43532 https://www.akamai.com/blog/security-research/winreg-relay-vulnerability @akamai_research #cybersecurity #infoec #Microsoft #Windows
##From yesterday.
Akamai: Call and Register — Relay Attack on WinReg RPC Client - CVE-2024-43532 https://www.akamai.com/blog/security-research/winreg-relay-vulnerability @akamai_research #cybersecurity #infoec #Microsoft #Windows
##updated 2024-10-16T21:32:16
2 posts
A Firefox for iOS/iPadOS vulnerability that I reported months ago (https://infosec.exchange/@ErikvanStraten/113181487823109378) has finally been fixed in v131.2.
A thank you to Mozilla for fixing it; CVE-2024-10004 (https://www.mozilla.org/en-US/security/advisories/mfsa2024-54/) was assigned to this issue.
The vulnerability was that, under specific circumstances, Firefox would show a padlock without strikethrough for an http connection (see the images below).
To update Firefox for iOS/iPadOS, open https://apps.apple.com/app/firefox-private-safe-browser/id989804926; then double check that the Apple App Store app has opened, and that it is really the Firefox browser you're looking at (do not simply trust anyone, including me, who tells you to click on a link). Then tap the update button.
The update may also happen automatically, but that may take time.
@screaminggoat @mozilla
#Firefox #iOSFirefox #CVE_2024_10004 #Vulnerability #Phishing
Mozilla security advisory: 2024-54 Security Vulnerabilities fixed in Firefox for iOS 131.2
Nothing crazy, just one vulnerability: CVE-2024-10004 (moderate? I guess they mean medium) Opening external link to HTTP website could show an HTTPS padlock icon incorrectly
updated 2024-10-16T18:31:58
3 posts
CVE Alert: CVE-2024-20461 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20461/
##CVE Alert: CVE-2024-20461 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20461/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:58
2 posts
CVE Alert: CVE-2024-45071 - https://www.redpacketsecurity.com/cve_alert_cve-2024-45071/
##CVE Alert: CVE-2024-45071 - https://www.redpacketsecurity.com/cve_alert_cve-2024-45071/
##updated 2024-10-16T18:31:58
2 posts
CVE Alert: CVE-2024-45072 - https://www.redpacketsecurity.com/cve_alert_cve-2024-45072/
##CVE Alert: CVE-2024-45072 - https://www.redpacketsecurity.com/cve_alert_cve-2024-45072/
##updated 2024-10-16T18:31:58
3 posts
CVE Alert: CVE-2024-20463 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20463/
##CVE Alert: CVE-2024-20463 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20463/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:58
5 posts
CVE Alert: CVE-2024-38814 - https://www.redpacketsecurity.com/cve_alert_cve-2024-38814/
##CVE Alert: CVE-2024-38814 - https://www.redpacketsecurity.com/cve_alert_cve-2024-38814/
##CVE-2024-38814: SQL Injection vulnerability in VMWare HCX
Vulnerability Details: https://patchnow24x7.com/blog-1/f/cve-2024-38814-high-severity-sql-injection-flaw-in-vmware-hcx
#PatchNOW
#VMWare
#Vulnerability
#ComputerSecurity
#hacked
#Cyberattack
#infosec
#informationsecurity
#CyberSecurityAwareness
#DataBreach
#cybersecurity
VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX – Source: securityaffairs.com https://ciso2ciso.com/vmware-fixes-high-severity-sql-injection-flaw-cve-2024-38814-in-hcx-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #VMwareHCX #Security #hacking
##VMware multiple security advisories:
No mention of exploitation.
##updated 2024-10-16T18:31:58
3 posts
CVE Alert: CVE-2024-20512 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20512/
##CVE Alert: CVE-2024-20512 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20512/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:53
3 posts
CVE Alert: CVE-2024-20462 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20462/
##CVE Alert: CVE-2024-20462 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20462/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:53
3 posts
CVE Alert: CVE-2024-20421 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20421/
##CVE Alert: CVE-2024-20421 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20421/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:53
5 posts
CVE Alert: CVE-2024-20458 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20458/
##CVE Alert: CVE-2024-20458 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20458/
##Impacting the web-based management interface of the firmware and tracked as CVE-2024-20458, the first bug exists because specific HTTP endpoints lack authentication. https://www.securityweek.com/cisco-patches-high-severity-vulnerabilities-in-analog-telephone-adapters/
##Impacting the web-based management interface of the firmware and tracked as CVE-2024-20458, the first bug exists because specific HTTP endpoints lack authentication. https://www.securityweek.com/cisco-patches-high-severity-vulnerabilities-in-analog-telephone-adapters/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:53
3 posts
CVE Alert: CVE-2024-20459 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20459/
##CVE Alert: CVE-2024-20459 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20459/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:53
2 posts
1 repos
CVE Alert: CVE-2024-49265 - https://www.redpacketsecurity.com/cve_alert_cve-2024-49265/
##CVE Alert: CVE-2024-49265 - https://www.redpacketsecurity.com/cve_alert_cve-2024-49265/
##updated 2024-10-16T18:31:47
3 posts
1 repos
CVE Alert: CVE-2024-20460 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20460/
##CVE Alert: CVE-2024-20460 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20460/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:46
3 posts
1 repos
CVE Alert: CVE-2024-20280 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20280/
##CVE Alert: CVE-2024-20280 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20280/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:46
3 posts
1 repos
CVE Alert: CVE-2024-20420 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20420/
##CVE Alert: CVE-2024-20420 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20420/
##Cisco multiple security advisories:
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
##updated 2024-10-16T18:31:44
2 posts
1 repos
CVE Alert: CVE-2024-29155 - https://www.redpacketsecurity.com/cve_alert_cve-2024-29155/
##CVE Alert: CVE-2024-29155 - https://www.redpacketsecurity.com/cve_alert_cve-2024-29155/
##updated 2024-10-16T18:31:40
2 posts
CVE Alert: CVE-2024-21258 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21258/
##CVE Alert: CVE-2024-21258 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21258/
##updated 2024-10-16T18:31:40
2 posts
CVE Alert: CVE-2024-21259 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21259/
##CVE Alert: CVE-2024-21259 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21259/
##updated 2024-10-16T18:31:40
2 posts
CVE Alert: CVE-2024-21260 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21260/
##CVE Alert: CVE-2024-21260 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21260/
##updated 2024-10-16T17:10:13.220000
1 posts
GitLab security advisory: GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9
No mention of exploitation
##updated 2024-10-16T16:53:08.487000
1 posts
GitLab security advisory: GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9
No mention of exploitation
##updated 2024-10-16T16:38:14.557000
4 posts
CVE Alert: CVE-2024-9893 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9893/
##CVE Alert: CVE-2024-9893 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9893/
##CVE Alert: CVE-2024-9893 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9893/
##CVE Alert: CVE-2024-9893 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9893/
##updated 2024-10-16T15:32:19
4 posts
1 repos
Updates released for BIG-IP address a high-severity security defect tracked as CVE-2024-45844. Affecting the appliance’s monitor functionality, the bug could allow authenticated attackers to elevate their privileges and make configuration changes. https://www.securityweek.com/f5-big-ip-updates-patch-high-severity-elevation-of-privilege-vulnerability/
##Updates released for BIG-IP address a high-severity security defect tracked as CVE-2024-45844. Affecting the appliance’s monitor functionality, the bug could allow authenticated attackers to elevate their privileges and make configuration changes. https://www.securityweek.com/f5-big-ip-updates-patch-high-severity-elevation-of-privilege-vulnerability/
##New article on F5! A write-up on CVE-2024-45844 a privilege escalation vulnerability in BIG-IP by team member @myst404
https://offsec.almond.consulting/privilege-escalation-f5-CVE-2024-45844.html
F5 multiple security advisories: K000141302: Quarterly Security Notification (October 2024)
No mention of exploitation.
##updated 2024-10-16T15:32:19
1 posts
F5 multiple security advisories: K000141302: Quarterly Security Notification (October 2024)
No mention of exploitation.
##updated 2024-10-16T15:07:36.123000
41 posts
1 repos
SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##Tor Browser and Firefox users should update to fix actively exploited vulnerability https://www.malwarebytes.com/blog/news/2024/10/tor-browser-and-firefox-users-should-update-to-fix-actively-exploited-vulnerability #Exploitsandvulnerabilities #cve20249680 #Torbrowser #firefox #News
##Urcite odporucame uzivatelom aktualizovat prehliadac Firefox
https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##Tor Browser and Firefox users should update to fix actively exploited vulnerability https://www.malwarebytes.com/blog/news/2024/10/tor-browser-and-firefox-users-should-update-to-fix-actively-exploited-vulnerability #Exploitsandvulnerabilities #cve20249680 #Torbrowser #firefox #News
##CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press!
@hrbrmstr your bot missed these? KEV additions happen around 10am
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday #CVE_2024_30088 #CVE_2024_9680 #CVE_2024_28987 #solarwinds #mozilla #firefox #microsoft #windows #kernel
##Tor Project security advisory: New Release: Tails 6.8.1
Reference: CVE-2024-9680 (9.8 critical, disclosed 09 October 2024 by Firefox as an exploited zero-day) Use-after-free in Animation timeline (affects both Firefox and Thunderbird)
@torproject updated their security advisory, correcting their earlier statement that "Mozilla is aware of this attack being used in the wild against Tor Browser users":
#CVE_2024_9680 #Tor #firefox #thunderbird #zeroday #vulnerability #CVE #mozilla #tails
##Mozilla Foundation: Behind the Scenes: Fixing an In-the-Wild Firefox Exploit
h/t: @tomrittervg. Mozilla talks about how they scrambled a team of security, browser, compiler, and platform engineers to ship a fix for the exploited zero-day CVE-2024-9680. This blog post doesn't go into details, but it reveals that ESET alerted them to a Firefox exploit spotted in the wild, and that a fix was shipped in 25 hours. This dates the reporting to 07 October 2024.
The sample ESET sent us contained a full exploit chain that allowed remote code execution on a user's computer.
Note that CVE-2024-9680 isn't exclusive to Firefox. See parent toot above for details on backporting the patch for Thunderbird email client.
#zeroday #vulnerability #CVE_2024_9680 #cve #eitw #activeexploitation #firefox #thunderbird #mozilla
##Mozilla Foundation Security Advisory: 2024-52 Security Vulnerability fixed in Thunderbird 131.0.1, Thunderbird 128.3.1, Thunderbird 115.16.0
Reference: CVE-2024-9680 (9.8 critical, disclosed 09 October 2024 by Firefox as an exploited zero-day) Use-after-free in Animation timeline
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.
The Mozilla Firefox zero-day is present in the Thunderbird email client as well.
#zeroday #vulnerability #CVE_2024_9680 #cve #eitw #activeexploitation #firefox #thunderbird #mozilla
##CVE Alert: CVE-2024-9680 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9680/
##Mozilla fixes critical Firefox bug exploited in the wild
#CVE_2024_9680
https://therecord.media/mozilla-fixes-critical-firefox-bug-exploited-by-hackers
#TorBrowser users should update their browser immediately as they're also affected by the #CVE_2024_9680 #useafterfree #vulnerability - https://forum.torproject.org/t/new-release-tor-browser-13-5-7/15087
##Mozilla fixes Firefox zero-day actively exploited in attacks
https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-zero-day-actively-exploited-in-attacks/
#ycombinator #computers #windows #linux #mac #support #tech_support #spyware #malware #virus #security #Actively_Exploited #CVE_2024_9680 #Firefox #Use_After_Free #Vulnerability #Zero_Day #virus_removal #malware_removal #computer_help #technical_support
Mozilla Firefox exploited zero-day: Security Advisory 2024-51 Security Vulnerability fixed in Firefox 131.0.2, Firefox ESR 128.3.1, Firefox ESR 115.16.1
CVE-2024-9680 (9.8 critical) Use-after-free in Animation timeline
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.
See related @BleepingComputer reporting: Mozilla fixes Firefox zero-day actively exploited in attacks
The Canadian Centre for Cyber Security (CCCS) has a useless Mozilla security advisory (AV24-576) which doesn't indicate that this is an actively exploited zero-day. What's the point in an advisory when it doesn't provide the biz?
#zeroday #vulnerability #firefox #mozilla #cve #CVE_2024_9680
##CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press!
@hrbrmstr your bot missed these? KEV additions happen around 10am
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday #CVE_2024_30088 #CVE_2024_9680 #CVE_2024_28987 #solarwinds #mozilla #firefox #microsoft #windows #kernel
##Tor Project security advisory: New Release: Tails 6.8.1
Reference: CVE-2024-9680 (9.8 critical, disclosed 09 October 2024 by Firefox as an exploited zero-day) Use-after-free in Animation timeline (affects both Firefox and Thunderbird)
@torproject updated their security advisory, correcting their earlier statement that "Mozilla is aware of this attack being used in the wild against Tor Browser users":
#CVE_2024_9680 #Tor #firefox #thunderbird #zeroday #vulnerability #CVE #mozilla #tails
##Mozilla Foundation: Behind the Scenes: Fixing an In-the-Wild Firefox Exploit
h/t: @tomrittervg. Mozilla talks about how they scrambled a team of security, browser, compiler, and platform engineers to ship a fix for the exploited zero-day CVE-2024-9680. This blog post doesn't go into details, but it reveals that ESET alerted them to a Firefox exploit spotted in the wild, and that a fix was shipped in 25 hours. This dates the reporting to 07 October 2024.
The sample ESET sent us contained a full exploit chain that allowed remote code execution on a user's computer.
Note that CVE-2024-9680 isn't exclusive to Firefox. See parent toot above for details on backporting the patch for Thunderbird email client.
#zeroday #vulnerability #CVE_2024_9680 #cve #eitw #activeexploitation #firefox #thunderbird #mozilla
##Mozilla Foundation Security Advisory: 2024-52 Security Vulnerability fixed in Thunderbird 131.0.1, Thunderbird 128.3.1, Thunderbird 115.16.0
Reference: CVE-2024-9680 (9.8 critical, disclosed 09 October 2024 by Firefox as an exploited zero-day) Use-after-free in Animation timeline
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.
The Mozilla Firefox zero-day is present in the Thunderbird email client as well.
#zeroday #vulnerability #CVE_2024_9680 #cve #eitw #activeexploitation #firefox #thunderbird #mozilla
##CVE Alert: CVE-2024-9680 - https://www.redpacketsecurity.com/cve_alert_cve-2024-9680/
###TorBrowser users should update their browser immediately as they're also affected by the #CVE_2024_9680 #useafterfree #vulnerability - https://forum.torproject.org/t/new-release-tor-browser-13-5-7/15087
##Mozilla fixes Firefox zero-day actively exploited in attacks
https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-zero-day-actively-exploited-in-attacks/
#ycombinator #computers #windows #linux #mac #support #tech_support #spyware #malware #virus #security #Actively_Exploited #CVE_2024_9680 #Firefox #Use_After_Free #Vulnerability #Zero_Day #virus_removal #malware_removal #computer_help #technical_support
Mozilla Firefox exploited zero-day: Security Advisory 2024-51 Security Vulnerability fixed in Firefox 131.0.2, Firefox ESR 128.3.1, Firefox ESR 115.16.1
CVE-2024-9680 (9.8 critical) Use-after-free in Animation timeline
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.
See related @BleepingComputer reporting: Mozilla fixes Firefox zero-day actively exploited in attacks
The Canadian Centre for Cyber Security (CCCS) has a useless Mozilla security advisory (AV24-576) which doesn't indicate that this is an actively exploited zero-day. What's the point in an advisory when it doesn't provide the biz?
#zeroday #vulnerability #firefox #mozilla #cve #CVE_2024_9680
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##Tor Browser and Firefox users should update to fix actively exploited vulnerability https://www.malwarebytes.com/blog/news/2024/10/tor-browser-and-firefox-users-should-update-to-fix-actively-exploited-vulnerability #Exploitsandvulnerabilities #cve20249680 #Torbrowser #firefox #News
##Urcite odporucame uzivatelom aktualizovat prehliadac Firefox
https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##Tor Browser and Firefox users should update to fix actively exploited vulnerability https://www.malwarebytes.com/blog/news/2024/10/tor-browser-and-firefox-users-should-update-to-fix-actively-exploited-vulnerability #Exploitsandvulnerabilities #cve20249680 #Torbrowser #firefox #News
##@gsuberland
#postoftheweek (season 1):
Mozilla has issued an emergency security update for the Firefox browser to address a critical use-after-free vulnerability that is currently exploited in attacks.
The vulnerability, tracked as CVE-2024-9680, and discovered by ESET researcher Damien Schaeffer, is a use-after-free in Animation timelines.
This type of flaw occurs when memory that has been freed is still used by the program, allowing malicious actors to add their own malicious data.
##CVE ID: CVE-2024-9680
Vendor: Mozilla
Product: Firefox
Date Added: 2024-10-15
Vulnerability: Mozilla Firefox Use-After-Free Vulnerability
Notes: https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ ; https://nvd.nist.gov/vuln/detail/CVE-2024-9680
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9680
Tracked as CVE-2024-9680, the exploited bug is described as a high-severity use-after-free issue in Firefox’s Animation timeline that could lead to the execution of arbitrary code. https://www.securityweek.com/recent-firefox-zero-day-exploited-against-tor-browser-users/
##⚠️ Mozilla released an emergency update for Firefox due to a critical Web Animations API flaw (CVE-2024-9680) allowing code execution. Users should update to the latest versions immediately https://alternativeto.net/news/2024/10/mozilla-issues-emergency-security-update-for-critical-firefox-vulnerability-cve-2024-9680/
##@j3j5
#postoftheweek (season 1):
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-9680 (CVSS score: 9.8), has been described as a use-after-free bug in the Animation timeline component.
"An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines."
##Can anyone confirm if dom.animations-api.timelines.enabled=false fixes CVE-2024-9680?
###Mozilla fixes #Firefox zero-day actively exploited in attacks
Tracked as CVE-2024-9680. A use-after-free vulnerability in part of Firefox’s Web Animations API, which could give the attacker code execution abilities.
Exploited in the wild, but not a lot of information on how users are targeted.
Mozilla has released a fix - users should update ASAP as upgrading is the best defense here against potential exploitation.
##Time to patch your Firefox https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/#CVE-2024-9680
##Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) https://www.helpnetsecurity.com/2024/10/10/cve-2024-9680/ #securityupdate #vulnerability #Don'tmiss #Hotstuff #Firefox #News #ESET #CVE #Tor
###Mozilla fixes #Firefox #zeroday actively exploited in attacks
Given the active exploitation status for CVE-2024-9680 and the lack of any information on how people are targeted, upgrading to the latest versions is essential.
https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-zero-day-actively-exploited-in-attacks/ #0day
Mozilla said CVE-2024-9680 is a use-after-free issue in Animation timelines – the pane within the Firefox browser's Page Inspector that depicts how a given element's animation progresses. https://www.theregister.com/2024/10/10/firefixed_mozilla_patches_critical_firefox/
##@immae Bien sûr, il s’agit de la CVE-2024-9680, considérée comme critique par Mozilla.
https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
Bleeping Computer en parle :
https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-zero-day-actively-exploited-in-attacks/
Firefox : une faille de sécurité zero-day déjà exploitée a été corrigée en urgence par Mozilla ! https://www.it-connect.fr/mozilla-firefox-zero-day-cve-2024-9680/ #ActuCybersécurité #Cybersécurité #Logiciel-OS #Firefox
##an actively exploited RCE in firefox -- you know the drill https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/#CVE-2024-9680
##updated 2024-10-16T13:05:08.363000
17 posts
1 repos
"The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data."
It is 2024 and this is happening? REALLY???
https://cve.threatint.com/CVE/CVE-2024-28987
#solarwinds #fail #cybersecurity #software #vulnerability #cve_2024_28987
##CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press!
@hrbrmstr your bot missed these? KEV additions happen around 10am
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday #CVE_2024_30088 #CVE_2024_9680 #CVE_2024_28987 #solarwinds #mozilla #firefox #microsoft #windows #kernel
##"The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data."
It is 2024 and this is happening? REALLY???
https://cve.threatint.com/CVE/CVE-2024-28987
#solarwinds #fail #cybersecurity #software #vulnerability #cve_2024_28987
##CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press!
@hrbrmstr your bot missed these? KEV additions happen around 10am
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday #CVE_2024_30088 #CVE_2024_9680 #CVE_2024_28987 #solarwinds #mozilla #firefox #microsoft #windows #kernel
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##CISA Issues Urgent Advisory on Vulnerabilities Affecting Multiple Products https://cyble.com/blog/cisa-issues-urgent-advisory-on-vulnerabilities-affecting-multiple-products/ #Vulnerability #CVE202428987 #CISA
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##CISA Issues Urgent Advisory on Vulnerabilities Affecting Multiple Products https://cyble.com/blog/cisa-issues-urgent-advisory-on-vulnerabilities-affecting-multiple-products/ #Vulnerability #CVE202428987 #CISA
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##CISA Issues Urgent Advisory on Vulnerabilities Affecting Multiple Products https://cyble.com/blog/cisa-issues-urgent-advisory-on-vulnerabilities-affecting-multiple-products/ #Vulnerability #CVE202428987 #CISA
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##CISA Issues Urgent Advisory on Vulnerabilities Affecting Multiple Products https://cyble.com/blog/cisa-issues-urgent-advisory-on-vulnerabilities-affecting-multiple-products/ #Vulnerability #CVE202428987 #CISA
#### SolarWinds Web Help Desk Flaw Under Active Attack! 🚨
CISA warns of critical vulnerability (CVE-2024-28987) allowing remote code execution, urging immediate patching. #SolarWinds #Cybersecurity #CVE #Vulnerability
https://malware.news/t/solarwinds-web-help-desk-flaw-added-to-cisa-vulnerabilities-catalog/87537
https://www.flagthis.com/?pid=5406
https://go.twuai.com/ping/7426913793390541024 SolarWinds enfrenta una crisis de seguridad tras la identificación de la vulnerabilidad CVE-2024-28987 en su software Web Help Desk (WHD). A pesar de haber lanzado correcciones, las credenciales codificadas en el sistema permiten accesos no autorizados, generando preocupaciones sobre la integridad de datos en sectores críticos.
Detalles Relevantes:
- Descripción de la Vulnerabilidad: - CVE-2024-28987 permite a usuarios no autenticados
##"(...) affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data."
It is 2024 and this is happening? REALLY???
https://cve.threatint.com/CVE/CVE-2024-28987
#cve-2024-28987 #solarwinds #fail #cybersecurity #software #vulnerability
##The flaw, tracked as CVE-2024-28987 (CVSS score of 9.1), is described as a hardcoded credential issue that allows remote, unauthenticated attackers to access internal WHD functionality and modify data. https://www.securityweek.com/organizations-warned-of-exploited-solarwinds-web-help-desk-vulnerability/
##CVE ID: CVE-2024-28987
Vendor: SolarWinds
Product: Web Help Desk
Date Added: 2024-10-15
Vulnerability: SolarWinds Web Help Desk Hardcoded Credential Vulnerability
Notes: https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28987 ; https://nvd.nist.gov/vuln/detail/CVE-2024-28987
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-28987
updated 2024-10-16T09:30:39
1 posts
SolarWinds multiple security advisories: SolarWinds Security Vulnerabilities
No mention of exploitation.
##updated 2024-10-16T09:30:38
2 posts
1 repos
updated 2024-10-16T09:30:38
1 posts
SolarWinds multiple security advisories: SolarWinds Security Vulnerabilities
No mention of exploitation.
##updated 2024-10-16T09:30:38
1 posts
SolarWinds multiple security advisories: SolarWinds Security Vulnerabilities
No mention of exploitation.
##updated 2024-10-16T09:30:38
1 posts
SolarWinds multiple security advisories: SolarWinds Security Vulnerabilities
No mention of exploitation.
##updated 2024-10-16T01:00:01.723000
11 posts
6 repos
https://github.com/Zombie-Kaiser/CVE-2024-30088-Windows-poc
https://github.com/tykawaii98/CVE-2024-30088
https://github.com/Justintroup85/exploits-forsale-collateral-damage
https://github.com/Admin9961/CVE-2024-30088
SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press!
@hrbrmstr your bot missed these? KEV additions happen around 10am
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday #CVE_2024_30088 #CVE_2024_9680 #CVE_2024_28987 #solarwinds #mozilla #firefox #microsoft #windows #kernel
##Trend Micro: Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions
Reference: CVE-2024-30088 (7.0 high, disclosed 11 June 2024 by Microsoft) Windows Kernel Elevation of Privilege Vulnerability
APT34, aka OilRig (Trend Micro calls them Earth Simnavaz 🤡) is an Iranian state-sponsored APT that is attributed to the Ministry of Intelligence and Security (MOIS) by Microsoft. They were observed by Trend Micro actively targeting governmental entities in the UAE and the broader Gulf region. They deployed a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities like CVE-2024-30088 for privilege escalation. They use a combination of customized .NET tools, PowerShell scripts, and IIS-based malware for defense evasion and blending in with network traffic. Trend Micro assesses that APT34 is focused on abusing vulnerabilities in key infrastructure of geopolitically sensitive regions. They also seek to establish a persistent foothold in compromised entities, so these can be weaponized to launch attacks on additional targets. Trend Micro describes the attack chain, observations of tools and techniques, exploitation of CVE-2024-30088, abuse of dropped password filter policy, and data exfiltration via legitimate mail traffic. Indicators of compromise provided.
#APT34 #OilRig #earthsimnavaz #cyberespionage #CVE_2024_30088 #microsoft #vulnerability #CVE #eitw #activeexploitation #IOC #threatintel #infosec #cybersecurity #cyberthreatintelligence #CTI
##CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press!
@hrbrmstr your bot missed these? KEV additions happen around 10am
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday #CVE_2024_30088 #CVE_2024_9680 #CVE_2024_28987 #solarwinds #mozilla #firefox #microsoft #windows #kernel
##Trend Micro: Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions
Reference: CVE-2024-30088 (7.0 high, disclosed 11 June 2024 by Microsoft) Windows Kernel Elevation of Privilege Vulnerability
APT34, aka OilRig (Trend Micro calls them Earth Simnavaz 🤡) is an Iranian state-sponsored APT that is attributed to the Ministry of Intelligence and Security (MOIS) by Microsoft. They were observed by Trend Micro actively targeting governmental entities in the UAE and the broader Gulf region. They deployed a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities like CVE-2024-30088 for privilege escalation. They use a combination of customized .NET tools, PowerShell scripts, and IIS-based malware for defense evasion and blending in with network traffic. Trend Micro assesses that APT34 is focused on abusing vulnerabilities in key infrastructure of geopolitically sensitive regions. They also seek to establish a persistent foothold in compromised entities, so these can be weaponized to launch attacks on additional targets. Trend Micro describes the attack chain, observations of tools and techniques, exploitation of CVE-2024-30088, abuse of dropped password filter policy, and data exfiltration via legitimate mail traffic. Indicators of compromise provided.
#APT34 #OilRig #earthsimnavaz #cyberespionage #CVE_2024_30088 #microsoft #vulnerability #CVE #eitw #activeexploitation #IOC #threatintel #infosec #cybersecurity #cyberthreatintelligence #CTI
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning https://thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/ #knownexploitedvulnerabilities #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202428987 #CVE202430088 #CVE20249680 #CyberNews #CISA
##CVE ID: CVE-2024-30088
Vendor: Microsoft
Product: Windows
Date Added: 2024-10-15
Vulnerability: Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-30088 ; https://nvd.nist.gov/vuln/detail/CVE-2024-30088
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-30088
In these attacks, spotted by Trend Micro researchers, OilRig deployed a novel backdoor, targeting Microsoft Exchange servers to steal credentials, and also exploited the Windows CVE-2024-30088 flaw to elevate their privileges on compromised devices. https://www.bleepingcomputer.com/news/security/oilrig-hackers-now-exploit-windows-flaw-to-elevate-privileges/
##OilRig sfrutta una falla nel kernel di Windows in una campagna di spionaggio che prende di mira gli Emirati Arabi Uniti e il Golfo
"Il gruppo utilizza tattiche sofisticate che includono l'implementazione di una backdoor che sfrutta i server Microsoft Exchange per il furto di credenziali e lo sfruttamento di vulnerabilità come CVE-2024-30088 per l'escalation dei privilegi"
@informatica
https://thehackernews.com/2024/10/oilrig-exploits-windows-kernel-flaw-in.html
updated 2024-10-16T00:31:04
3 posts
CVE Alert: CVE-2024-38204 - https://www.redpacketsecurity.com/cve_alert_cve-2024-38204/
##CVE Alert: CVE-2024-38204 - https://www.redpacketsecurity.com/cve_alert_cve-2024-38204/
##wake up babe, new after-hours Microsoft Security Response Center (MSRC) advisories:
The vulnerability documented by this CVE requires no customer action to resolve
Forget understanding the vulnerabilities, I'm trying to figure out what these products are in the first place. Not exploited or publicly disclosed, and a weird mixture of Exploitability assessments to include a blank.
#microsoft #vulnerability #CVE #PowerPlatform #Dataverse #ImagineCup
##updated 2024-10-16T00:31:03
3 posts
CVE Alert: CVE-2024-38139 - https://www.redpacketsecurity.com/cve_alert_cve-2024-38139/
##CVE Alert: CVE-2024-38139 - https://www.redpacketsecurity.com/cve_alert_cve-2024-38139/
##wake up babe, new after-hours Microsoft Security Response Center (MSRC) advisories:
The vulnerability documented by this CVE requires no customer action to resolve
Forget understanding the vulnerabilities, I'm trying to figure out what these products are in the first place. Not exploited or publicly disclosed, and a weird mixture of Exploitability assessments to include a blank.
#microsoft #vulnerability #CVE #PowerPlatform #Dataverse #ImagineCup
##updated 2024-10-16T00:31:03
3 posts
CVE Alert: CVE-2024-38190 - https://www.redpacketsecurity.com/cve_alert_cve-2024-38190/
##CVE Alert: CVE-2024-38190 - https://www.redpacketsecurity.com/cve_alert_cve-2024-38190/
##wake up babe, new after-hours Microsoft Security Response Center (MSRC) advisories:
The vulnerability documented by this CVE requires no customer action to resolve
Forget understanding the vulnerabilities, I'm trying to figure out what these products are in the first place. Not exploited or publicly disclosed, and a weird mixture of Exploitability assessments to include a blank.
#microsoft #vulnerability #CVE #PowerPlatform #Dataverse #ImagineCup
##updated 2024-10-16T00:31:03
2 posts
CVE Alert: CVE-2024-45085 - https://www.redpacketsecurity.com/cve_alert_cve-2024-45085/
##CVE Alert: CVE-2024-45085 - https://www.redpacketsecurity.com/cve_alert_cve-2024-45085/
##updated 2024-10-16T00:30:58
2 posts
CVE Alert: CVE-2024-21265 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21265/
##CVE Alert: CVE-2024-21265 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21265/
##updated 2024-10-16T00:30:58
2 posts
CVE Alert: CVE-2024-21266 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21266/
##CVE Alert: CVE-2024-21266 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21266/
##updated 2024-10-15T21:31:40
2 posts
1 repos
updated 2024-10-15T21:30:47
2 posts
CVE Alert: CVE-2024-31955 - https://www.redpacketsecurity.com/cve_alert_cve-2024-31955/
##CVE Alert: CVE-2024-31955 - https://www.redpacketsecurity.com/cve_alert_cve-2024-31955/
##updated 2024-10-15T21:30:46
2 posts
CVE Alert: CVE-2024-21255 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21255/
##CVE Alert: CVE-2024-21255 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21255/
##updated 2024-10-15T21:30:46
2 posts
CVE Alert: CVE-2024-21257 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21257/
##CVE Alert: CVE-2024-21257 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21257/
##updated 2024-10-15T21:30:46
2 posts
CVE Alert: CVE-2024-21251 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21251/
##CVE Alert: CVE-2024-21251 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21251/
##updated 2024-10-15T21:30:46
2 posts
CVE Alert: CVE-2024-21261 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21261/
##CVE Alert: CVE-2024-21261 - https://www.redpacketsecurity.com/cve_alert_cve-2024-21261/
##updated 2024-10-15T19:56:07
1 posts
I'm finally allowed to speak about this nice little DoS vulnerability I found in #starlette (and #FastAPI).
#CVE https://www.cve.org/CVERecord?id=CVE-2024-47874
#GHSA https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw
updated 2024-10-15T19:56:06
1 posts
Security disclosure for #matrix-js-sdk (#CVE-2024-47080) and matrix-react-sdk (CVE-2024-47824)
https://matrix.org/blog/2024/10/security-disclosure-matrix-js-sdk-and-matrix-react-sdk/
##updated 2024-10-15T18:30:50
1 posts
Happy #PatchTuesday on a Wednesday from Palo Alto Networks (includes a zero-day)
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##updated 2024-10-15T18:30:49
1 posts
Happy #PatchTuesday on a Wednesday from Palo Alto Networks (includes a zero-day)
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##updated 2024-10-15T17:35:04.623000
4 posts
1 repos
🚨CVE-2024-42640: Unauthenticated Remote Code Execution via Angular-Base64-Upload Library
##🚨CVE-2024-42640: Unauthenticated Remote Code Execution via Angular-Base64-Upload Library
##Angular-base64-update Demo Script Exploited (CVE-2024-42640) https://isc.sans.edu/diary/31354
##🚨CVE-2024-42640 PoC: Unauthenticated Remote Code Execution via Angular-Base64-Upload Library
##updated 2024-10-15T15:30:46
1 posts
Palo Alto Networks security advisory: PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities Lead to Firewall Admin Account Takeover
See parent toot above for Horizon3 vulnerability details.
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##updated 2024-10-15T15:30:45
3 posts
I love it when companies put their name in the PoC, it makes it so much easier to track down what I'm seeing when it gets sprayed out on the internet. Thanks watchTowr!
(This is Palo Alto Expedition - CVE-2024-9463)
##I love it when companies put their name in the PoC, it makes it so much easier to track down what I'm seeing when it gets sprayed out on the internet. Thanks watchTowr!
(This is Palo Alto Expedition - CVE-2024-9463)
##Palo Alto Networks security advisory: PAN-SA-2024-0010 Expedition: Multiple Vulnerabilities Lead to Firewall Admin Account Takeover
See parent toot above for Horizon3 vulnerability details.
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##updated 2024-10-15T14:56:24.687000
2 posts
Progress Telerik security advisories:
discovered by @codewhitesec
##Using Telerik Reporting or Report Server? Patch now to fix 3 RCEs @mwulftange found (CVE-2024-8015, CVE-2024-8014, CVE-2024-8048). Telerik vulns have a history of being exploited by threat actors according to #CISA Details at https://code-white.com/public-vulnerability-list/
##updated 2024-10-15T14:54:09.580000
2 posts
Progress Telerik security advisories:
discovered by @codewhitesec
##Using Telerik Reporting or Report Server? Patch now to fix 3 RCEs @mwulftange found (CVE-2024-8015, CVE-2024-8014, CVE-2024-8048). Telerik vulns have a history of being exploited by threat actors according to #CISA Details at https://code-white.com/public-vulnerability-list/
##updated 2024-10-15T12:58:51.050000
1 posts
SonicWall security advisory: SonicWall SSL-VPN SMA1000 and Connect Tunnel Windows Client Affected By Multiple Vulnerabilities
There is no evidence that these vulnerabilities are being exploited in the wild and SonicWall SSL VPN SMA 100 series products are not affected by these vulnerabilities. Affected products are SMA1000 Connect Tunnel Windows (32 and 64-bit) Client 12.4.3.271 and earlier versions, SMA1000 Appliance firmware 12.4.3-02676 and earlier versions (Note: This vulnerability does not affect Connect Tunnel Linux and Mac client versions.) Vulnerabilities are patched in SMA1000 Connect Tunnel Windows (32 and 64-bit) Client 12.4.3.281 version and higher, along with SMA1000 Platform Hotfix - 12.4.3-02758. SonicWall strongly advises SSLVPN SMA 1000 series product and Connect Tunnel client users to upgrade to the mentioned fixed-release version.
##updated 2024-10-14T18:30:37
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-14T18:30:37
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-14T18:30:37
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-14T18:30:37
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-14T18:30:32
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-14T18:30:32
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-14T18:30:32
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-14T18:30:31
1 posts
Splunk Quarterly Update: Oh lord I forgot that Splunk does this.
No mention of exploitation, I haven't checked the third party package CVEs individually though.
##updated 2024-10-14T15:30:54
1 posts
Mozilla Foundation security advisory: 2024-53: Security Vulnerability fixed in Firefox 131.0.3
Alright this is my day off so don't expect me to try hard. After the exploited zero-day in Firefox last week, this unexpected Firefox advisory this week contains a single vulnerability: CVE-2024-9936 (high severity) Undefined behavior in selection node cache. No mention of exploitation.
updated 2024-10-12T03:30:47
2 posts
1 repos
updated 2024-10-12T00:31:53
1 posts
SonicWall security advisory: SonicWall SSL-VPN SMA1000 and Connect Tunnel Windows Client Affected By Multiple Vulnerabilities
There is no evidence that these vulnerabilities are being exploited in the wild and SonicWall SSL VPN SMA 100 series products are not affected by these vulnerabilities. Affected products are SMA1000 Connect Tunnel Windows (32 and 64-bit) Client 12.4.3.271 and earlier versions, SMA1000 Appliance firmware 12.4.3-02676 and earlier versions (Note: This vulnerability does not affect Connect Tunnel Linux and Mac client versions.) Vulnerabilities are patched in SMA1000 Connect Tunnel Windows (32 and 64-bit) Client 12.4.3.281 version and higher, along with SMA1000 Platform Hotfix - 12.4.3-02758. SonicWall strongly advises SSLVPN SMA 1000 series product and Connect Tunnel client users to upgrade to the mentioned fixed-release version.
##updated 2024-10-11T15:30:45
2 posts
1 repos
updated 2024-10-11T15:30:44
2 posts
1 repos
updated 2024-10-11T15:30:44
2 posts
cve-2024-9164 - Missing Authentication for Critical Function in GitLab
##GitLab security advisory: GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9
No mention of exploitation
##updated 2024-10-11T15:30:44
1 posts
SonicWall security advisory: SonicWall SSL-VPN SMA1000 and Connect Tunnel Windows Client Affected By Multiple Vulnerabilities
There is no evidence that these vulnerabilities are being exploited in the wild and SonicWall SSL VPN SMA 100 series products are not affected by these vulnerabilities. Affected products are SMA1000 Connect Tunnel Windows (32 and 64-bit) Client 12.4.3.271 and earlier versions, SMA1000 Appliance firmware 12.4.3-02676 and earlier versions (Note: This vulnerability does not affect Connect Tunnel Linux and Mac client versions.) Vulnerabilities are patched in SMA1000 Connect Tunnel Windows (32 and 64-bit) Client 12.4.3.281 version and higher, along with SMA1000 Platform Hotfix - 12.4.3-02758. SonicWall strongly advises SSLVPN SMA 1000 series product and Connect Tunnel client users to upgrade to the mentioned fixed-release version.
##updated 2024-10-11T15:30:44
1 posts
GitLab security advisory: GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9
No mention of exploitation
##updated 2024-10-11T15:30:44
1 posts
GitLab security advisory: GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9
No mention of exploitation
##updated 2024-10-11T02:30:30
1 posts
CVE-2024-9312: Ubuntu Authd Flaw Allows User ID Spoofing https://securityonline.info/cve-2024-9312-ubuntu-authd-flaw-allows-user-id-spoofing/
##updated 2024-10-11T00:31:40
1 posts
The vulnerability, tracked as CVE-2024-9487, carries a CVS score of 9.5 out of a maximum of 10.0 https://thehackernews.com/2024/10/github-patches-critical-flaw-in.html
##updated 2024-10-10T18:32:16
7 posts
Fortinet: Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA
Fortinet describes their incident response for clients who had their Ivanti Cloud Services Appliance (CSA) devices exploited using zero-days CVE-2024-8190, and CVE-2024-8963 (and one other unspecified command injection vulnerability). See the references below for info on those vulnerabilities. This is extremely interesting, as the threat actor, who was still active in the customer's network, actually patched the CVE-2024-8190 vulnerability, which Fortinet assesses was to prevent anyone else from interfering with their attack operations. Indicators of compromise listed.
Okay so what concerns me about this article is that Fortinet doesn't specifically identify the "A publicly unknown command injection vulnerability affecting the resource reports.php." This is very likely CVE-2024-9380 Ivanti CSA OS Command Injection Vulnerability, due to the Threat Signal Report that Fortinet links to in this article. Also missing is CVE-2024-9379 Ivanti CSA SQL Injection and CVE-2024-9381 Ivanti CSA path traversal.
References:
#threatintel #zeroday #ivanti #vulnerability #infosec #cybersecurity #cyberthreatintelligence #CTI #IOC #cyberespionage #ivanticsa #cloudservicesappliance #eitw #activeexploitation #CVE_2024_8190 #CVE_2024_8963 #CVE_2024_29824
##In vulnerability-lookup, we’ve introduced bundles to group multiple vulnerabilities together, making it especially useful for managing Ivanti-related issues.
"An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution."
##@flagthis check the security advisory again: only two are being exploited https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381?language=en_US
Ivanti updated their pages to say only CVE-2024-9379 and CVE-2024-9380 https://www.ivanti.com/blog/october-2024-security-update
##Ivanti Security Advisory: Ivanti CSA (Cloud Services Application) (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Very sneaky of Ivanti to quietly update the security advisory without a changelog: They removed CVE-2024-9381 (CVSSv3: 7.2 high) Path traversal in Ivanti CSA before version 5.0.2 from the exploitation announcement:
We have observed limited exploitation of CSA 4.6 when CVE-2024-9379 or CVE-2024-9380 are chained with CVE-2024-8963, present in CSA 4.6 patch 518 and below, it could lead to unauthenticated remote code execution. We have not observed these vulnerabilities being exploited in CSA 5.0.
See parent toot above for the original wording. cc: @cR0w @reverseics
#ivanti #patchtuesday #zeroday #vulnerability #cve #activeexploitation #ivanticsa #cloudservicesappliance #eitw
##CVE ID: CVE-2024-9379
Vendor: Ivanti
Product: Cloud Services Appliance (CSA)
Date Added: 2024-10-09
Vulnerability: Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
Notes: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9379
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9379
CVE ID: CVE-2024-9380
Vendor: Ivanti
Product: Cloud Services Appliance (CSA)
Date Added: 2024-10-09
Vulnerability: Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
Notes: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9380
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9380
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press! CISA only adds two of the Ivanti exploited zero-day vulnerabilities, and a Fortinet vulnerability to the KEV Catalog:
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday
##updated 2024-10-10T12:31:19
1 posts
GitLab security advisory: GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9
No mention of exploitation
##updated 2024-10-10T12:31:19
1 posts
GitLab security advisory: GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9
No mention of exploitation
##updated 2024-10-10T00:32:08
1 posts
3 repos
https://github.com/Chocapikk/CVE-2024-45519
CVE-2024-45519 - Zimbra unauthenticated RCE https://github.com/Chocapikk/CVE-2024-45519
##updated 2024-10-09T21:31:14
1 posts
VMware multiple security advisories:
No mention of exploitation.
##updated 2024-10-09T21:31:14
1 posts
VMware multiple security advisories:
No mention of exploitation.
##updated 2024-10-09T21:31:14
1 posts
VMware multiple security advisories:
No mention of exploitation.
##updated 2024-10-09T18:31:50
1 posts
Happy #PatchTuesday on a Wednesday from Palo Alto Networks (includes a zero-day)
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##updated 2024-10-09T18:31:50
1 posts
Happy #PatchTuesday on a Wednesday from Palo Alto Networks (includes a zero-day)
Palo Alto Networks is not aware of any malicious exploitation of these issues.
##updated 2024-10-09T15:32:28
2 posts
Progress Telerik security advisories:
discovered by @codewhitesec
##Using Telerik Reporting or Report Server? Patch now to fix 3 RCEs @mwulftange found (CVE-2024-8015, CVE-2024-8014, CVE-2024-8048). Telerik vulns have a history of being exploited by threat actors according to #CISA Details at https://code-white.com/public-vulnerability-list/
##updated 2024-10-09T14:39:06.540000
4 posts
Hackers targeted #Android users by exploiting zero-day bug in #Qualcomm chips
Zero-day vulnerability (CVE-2024-43047), a use after free in Qualcomm chips under limited, targeted exploitation in the wild. (No info on threat actor, but my guess is nation-state activity.)
While Qualcomm has released a fix for this vulnerability as of September 2024, Android OEMs still have to incorporate it and then roll out updates to users.
https://techcrunch.com/2024/10/09/hackers-were-targeting-android-users-with-qualcomm-zero-day/
##Android 0Day : ODay en los chipsets de Qualcomm 🆘
Qualcomm anunció el descubrimiento de una vulnerabilidad de día cero en varios de sus conjuntos de chips, que se utilizó para ataques dirigidos a usuarios de dispositivos Android. La vulnerabilidad afecta a 64 conjuntos de chips, incluidos modelos de gama alta como Snapdragon 8 Gen 1, Snapdragon 888+, así como módems y módulos FastConnect.
🖥 Esta vulnerabilidad fue identificada por investigadores de Google Project Zero y confirmada por Google TAG y el Laboratorio de Seguridad de Amnistía Internacional. Se sabe preliminarmente que los ataques estaban dirigidos a ☠️ usuarios individuales y no estaban generalizados. Los informes indican que la vulnerabilidad puede haber sido objeto de una explotación limitada y selectiva.
Por el momento, no hay información detallada sobre quién estuvo detrás de los ataques y quiénes fueron exactamente los afectados.
🥷 CVE-2024-43047 se describe como un problema grave de uso después de la liberación de memoria en el servicio DSP y fue revelado por el investigador Seth Jenkins de Google Project Zero. El error podría provocar daños en la memoria si lo explotan con éxito atacantes locales con pocos privilegios.
La vulnerabilidad de día cero, oficialmente designada CVE-2024-43047, "puede estar sujeta a una explotación dirigida limitada".
- afirma Qualcomm, refiriéndose a Google TAG.
Según Qualcomm, la compañía ya desarrolló y distribuyó un parche a los fabricantes de dispositivos (OEM) para eliminar la vulnerabilidad, pero su integración llevará algún tiempo. Entre los fabricantes cuyos dispositivos pueden ser susceptibles a esta amenaza se encuentran Samsung, Motorola, Oppo, Xiaomi, ZTE y OnePlus.
La lista de chipsets vulnerables incluye tanto modelos emblemáticos como soluciones de gama media como Snapdragon 660 y Snapdragon 680, así como módems 5G, como el Snapdragon X55 5G, que se utiliza en algunos modelos de iPhone 12 por el momento. No hay información exacta sobre si los dispositivos basados en iOS fueron atacados.
😷 Millones de usuarios de Android en todo el mundo siguen siendo vulnerables hasta que los fabricantes publiquen actualizaciones para sus dispositivos.
##OEMs Are Urged to Address Vulnerabilities in Device Communication
Qualcomm's 2024 Security Bulletin reveals critical vulnerabilities, including CVE-2024-43047, linked to the FASTRPC driver, urging OEMs to...
🔗️ [Cyble] https://link.is.it/wevr0r
##That vulnerability, CVE-2024-43047, carries a CVSS 7.8-out-of-10 severity rating, and was notably reported by both Google's Project Zero team and Amnesty International's code testers. https://www.theregister.com/2024/10/08/qualcomm_patch_spyware/
##updated 2024-10-08T18:33:29
1 posts
Visual Studio Code for Linux Remote Code Execution Vulnerability CVE-2024-43601 https://github.com/microsoft/vscode/security/advisories/GHSA-g56j-w527-8x6f
##updated 2024-10-08T18:33:24
6 posts
Fortinet: Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA
Fortinet describes their incident response for clients who had their Ivanti Cloud Services Appliance (CSA) devices exploited using zero-days CVE-2024-8190, and CVE-2024-8963 (and one other unspecified command injection vulnerability). See the references below for info on those vulnerabilities. This is extremely interesting, as the threat actor, who was still active in the customer's network, actually patched the CVE-2024-8190 vulnerability, which Fortinet assesses was to prevent anyone else from interfering with their attack operations. Indicators of compromise listed.
Okay so what concerns me about this article is that Fortinet doesn't specifically identify the "A publicly unknown command injection vulnerability affecting the resource reports.php." This is very likely CVE-2024-9380 Ivanti CSA OS Command Injection Vulnerability, due to the Threat Signal Report that Fortinet links to in this article. Also missing is CVE-2024-9379 Ivanti CSA SQL Injection and CVE-2024-9381 Ivanti CSA path traversal.
References:
#threatintel #zeroday #ivanti #vulnerability #infosec #cybersecurity #cyberthreatintelligence #CTI #IOC #cyberespionage #ivanticsa #cloudservicesappliance #eitw #activeexploitation #CVE_2024_8190 #CVE_2024_8963 #CVE_2024_29824
##@flagthis check the security advisory again: only two are being exploited https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381?language=en_US
Ivanti updated their pages to say only CVE-2024-9379 and CVE-2024-9380 https://www.ivanti.com/blog/october-2024-security-update
##Ivanti Security Advisory: Ivanti CSA (Cloud Services Application) (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Very sneaky of Ivanti to quietly update the security advisory without a changelog: They removed CVE-2024-9381 (CVSSv3: 7.2 high) Path traversal in Ivanti CSA before version 5.0.2 from the exploitation announcement:
We have observed limited exploitation of CSA 4.6 when CVE-2024-9379 or CVE-2024-9380 are chained with CVE-2024-8963, present in CSA 4.6 patch 518 and below, it could lead to unauthenticated remote code execution. We have not observed these vulnerabilities being exploited in CSA 5.0.
See parent toot above for the original wording. cc: @cR0w @reverseics
#ivanti #patchtuesday #zeroday #vulnerability #cve #activeexploitation #ivanticsa #cloudservicesappliance #eitw
##CVE ID: CVE-2024-9379
Vendor: Ivanti
Product: Cloud Services Appliance (CSA)
Date Added: 2024-10-09
Vulnerability: Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
Notes: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9379
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9379
CVE ID: CVE-2024-9380
Vendor: Ivanti
Product: Cloud Services Appliance (CSA)
Date Added: 2024-10-09
Vulnerability: Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
Notes: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9380
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9380
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press! CISA only adds two of the Ivanti exploited zero-day vulnerabilities, and a Fortinet vulnerability to the KEV Catalog:
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday
##updated 2024-10-08T18:33:24
2 posts
@froge oh its definetelly one or several of the PixieFail vulns. MSRC send notice out of the blue that they would credit us for CVE-2024-20659 but they did not say what it fixes.
The CVE they assigned is not one of 9 originally assigned to PixieFaul bugs 🤷♂️
https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
This reads like RCE from the local broadcast domain to me but I am not in the MSRC hive mind so no idea why they call it "security feature bypass"
Perhaps UEFI is considered a security feature that can be bypassed?
🤔
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20659
updated 2024-10-08T18:33:23
7 posts
CVE-2024-9381 – Ivanti CSA Security Vulnerability – October 2024 – Source: securityboulevard.com https://ciso2ciso.com/cve-2024-9381-ivanti-csa-security-vulnerability-october-2024-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard #SecurityResearch #Cybersecurity #Vulnerability #CVE
##CVE-2024-9381 – Ivanti CSA Security Vulnerability – October 2024 – Source: securityboulevard.com https://ciso2ciso.com/cve-2024-9381-ivanti-csa-security-vulnerability-october-2024-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard #SecurityResearch #Cybersecurity #Vulnerability #CVE
##Fortinet: Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA
Fortinet describes their incident response for clients who had their Ivanti Cloud Services Appliance (CSA) devices exploited using zero-days CVE-2024-8190, and CVE-2024-8963 (and one other unspecified command injection vulnerability). See the references below for info on those vulnerabilities. This is extremely interesting, as the threat actor, who was still active in the customer's network, actually patched the CVE-2024-8190 vulnerability, which Fortinet assesses was to prevent anyone else from interfering with their attack operations. Indicators of compromise listed.
Okay so what concerns me about this article is that Fortinet doesn't specifically identify the "A publicly unknown command injection vulnerability affecting the resource reports.php." This is very likely CVE-2024-9380 Ivanti CSA OS Command Injection Vulnerability, due to the Threat Signal Report that Fortinet links to in this article. Also missing is CVE-2024-9379 Ivanti CSA SQL Injection and CVE-2024-9381 Ivanti CSA path traversal.
References:
#threatintel #zeroday #ivanti #vulnerability #infosec #cybersecurity #cyberthreatintelligence #CTI #IOC #cyberespionage #ivanticsa #cloudservicesappliance #eitw #activeexploitation #CVE_2024_8190 #CVE_2024_8963 #CVE_2024_29824
##@flagthis check the security advisory again: only two are being exploited https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381?language=en_US
Ivanti updated their pages to say only CVE-2024-9379 and CVE-2024-9380 https://www.ivanti.com/blog/october-2024-security-update
##Ivanti Security Advisory: Ivanti CSA (Cloud Services Application) (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Very sneaky of Ivanti to quietly update the security advisory without a changelog: They removed CVE-2024-9381 (CVSSv3: 7.2 high) Path traversal in Ivanti CSA before version 5.0.2 from the exploitation announcement:
We have observed limited exploitation of CSA 4.6 when CVE-2024-9379 or CVE-2024-9380 are chained with CVE-2024-8963, present in CSA 4.6 patch 518 and below, it could lead to unauthenticated remote code execution. We have not observed these vulnerabilities being exploited in CSA 5.0.
See parent toot above for the original wording. cc: @cR0w @reverseics
#ivanti #patchtuesday #zeroday #vulnerability #cve #activeexploitation #ivanticsa #cloudservicesappliance #eitw
##CVE ID: CVE-2024-9379
Vendor: Ivanti
Product: Cloud Services Appliance (CSA)
Date Added: 2024-10-09
Vulnerability: Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
Notes: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9379
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9379
CVE ID: CVE-2024-9380
Vendor: Ivanti
Product: Cloud Services Appliance (CSA)
Date Added: 2024-10-09
Vulnerability: Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
Notes: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381 ; https://nvd.nist.gov/vuln/detail/CVE-2024-9380
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-9380
updated 2024-10-04T13:50:43.727000
1 posts
2 repos
VulnCheck: Following the Trail of Flax Typhoon to Uncover Newly Discovered Vulnerabilities in Linear Emerge Access Control Devices
References:
VulnCheck warns that Linear eMerge E3 has an unpatched OS command injection vulnerability in Linear eMerge E3-Series devices and multiple people are creating proofs of concept for it. CVE-2019-7256, which is a similar vulnerability on the same model device, was reported by FBI (PDF) to be exploited by Flax Typhoon's botnet. Flax Typhoon, a PRC state-sponsored APT, is publicly attributed to the Chinese company Integrity Tech by the U.S. Government. It is likely that Flax Typhoon would incorporate proof of concept exploit code for an unpatched vulnerability to their arsenal.
#linear #emerge #vulnerability #flaxtyphoon #china #cyberespionage #proofofconcept #cve
##updated 2024-10-03T21:32:08
1 posts
1 repos
Hacking Windows through iTunes - Local Privilege Escalation 0-day https://github.com/mbog14/CVE-2024-44193
##updated 2024-10-02T15:31:39
4 posts
Broadcom patched this yesterday, if you missed it:
#VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities CVE-2024-38812 and CVE-2024-38813, both critical https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
More: https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html @thehackernews #cybersecurity #Infosec
##VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) https://www.helpnetsecurity.com/2024/10/22/cve-2024-38812-cve-2024-38813-fixed-again/ #securityupdate #virtualization #vulnerability #Don'tmiss #Hotstuff #Broadcom #VMware #News #CVE
##Broadcom patched this yesterday, if you missed it:
#VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities CVE-2024-38812 and CVE-2024-38813, both critical https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
More: https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html @thehackernews #cybersecurity #Infosec
##VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) https://www.helpnetsecurity.com/2024/10/22/cve-2024-38812-cve-2024-38813-fixed-again/ #securityupdate #virtualization #vulnerability #Don'tmiss #Hotstuff #Broadcom #VMware #News #CVE
##updated 2024-10-02T15:30:37
15 posts
VMware fixes bad patch for critical vCenter Server RCE flaw
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not...
🔗️ [Bleepingcomputer] https://link.is.it/bzq846
##Broadcom patched this yesterday, if you missed it:
#VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities CVE-2024-38812 and CVE-2024-38813, both critical https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
More: https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html @thehackernews #cybersecurity #Infosec
##VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) https://www.helpnetsecurity.com/2024/10/22/cve-2024-38812-cve-2024-38813-fixed-again/ #securityupdate #virtualization #vulnerability #Don'tmiss #Hotstuff #Broadcom #VMware #News #CVE
##The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol. https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html
##VMware issues second patch for CVE-2024-38812 vCenter Server flaw
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/vmware-issues-second-patch-for-cve-2024-38812-vcenter-server-flaw-o-c-i-x-0/gD2P6Ple2L
VMware vCenter : un second patch pour cette faille de sécurité critique déjà corrigée en septembre dernier ! https://www.it-connect.fr/vmware-vcenter-second-patch-pour-faille-cve-2024-38812/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #VMware
##🛑 MAJ 22 octobre 2024 :
#Broadcom a annoncé que les correctifs #VMware #vCenter publiés le 17 sept. 2024 ne couvraient pas complètement la vulnérabilité CVE-2024-38812. Il est important pour tous les clients d’appliquer les derniers correctifs disponibles dans la matrice de réponse. Les patches pour la version 8.0 U2 sont également disponibles.
Produits impactés :
Update on CVE-2024-38812: Heap-Buffer Overflow vulnerability in VMWare vCenter: VMware has determined that the vCenter patches released previously did not completely mitigate the vulnerability. Refer attached image for the UPDATED response matrix.
##VMware fixes bad patch for critical vCenter Server RCE flaw
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not...
🔗️ [Bleepingcomputer] https://link.is.it/bzq846
##Broadcom patched this yesterday, if you missed it:
#VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities CVE-2024-38812 and CVE-2024-38813, both critical https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
More: https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html @thehackernews #cybersecurity #Infosec
##VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) https://www.helpnetsecurity.com/2024/10/22/cve-2024-38812-cve-2024-38813-fixed-again/ #securityupdate #virtualization #vulnerability #Don'tmiss #Hotstuff #Broadcom #VMware #News #CVE
##The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol. https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html
##VMware issues second patch for CVE-2024-38812 vCenter Server flaw
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/vmware-issues-second-patch-for-cve-2024-38812-vcenter-server-flaw-o-c-i-x-0/gD2P6Ple2L
VMware vCenter : un second patch pour cette faille de sécurité critique déjà corrigée en septembre dernier ! https://www.it-connect.fr/vmware-vcenter-second-patch-pour-faille-cve-2024-38812/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #VMware
##🛑 MAJ 22 octobre 2024 :
#Broadcom a annoncé que les correctifs #VMware #vCenter publiés le 17 sept. 2024 ne couvraient pas complètement la vulnérabilité CVE-2024-38812. Il est important pour tous les clients d’appliquer les derniers correctifs disponibles dans la matrice de réponse. Les patches pour la version 8.0 U2 sont également disponibles.
Produits impactés :
updated 2024-09-24T18:31:24
11 posts
📬 macOS-Schwachstelle umgeht Datenschutzkontrollen im Safari-Browser
#ITSicherheit #CVE202444133 #HMSurf #macOS #powerdir #Safari #Shrootless https://sc.tarnkappe.info/d1e190
📬 macOS-Schwachstelle umgeht Datenschutzkontrollen im Safari-Browser
#ITSicherheit #CVE202444133 #HMSurf #macOS #powerdir #Safari #Shrootless https://sc.tarnkappe.info/d1e190
📬 macOS-Schwachstelle umgeht Datenschutzkontrollen im Safari-Browser
#ITSicherheit #CVE202444133 #HMSurf #macOS #powerdir #Safari #Shrootless https://sc.tarnkappe.info/d1e190
📬 macOS-Schwachstelle umgeht Datenschutzkontrollen im Safari-Browser
#ITSicherheit #CVE202444133 #HMSurf #macOS #powerdir #Safari #Shrootless https://sc.tarnkappe.info/d1e190
New Episode: ISC StormCast for Tuesday, October 22nd, 2024
Shownotes:
A Network Nerd's Take on Emergency Preparedness
https://isc.sans.edu/diary/A%20Network%20Nerd%27s%20Take%20on%20Emergency%20Preparedness/31356
HM Surf Vulnerability Access to Camera Exploited CVE-2024-44133
https://www.microsoft.com/en-us/
AntennaPod | Anytime Player | Apple Podcasts | Castamatic | CurioCaster | Fountain | gPodder | Overcast | Pocket Casts | Podcast Addict | Podcast Guru | Podnews | Podverse | Truefans
Or Listen right here.
##Microsoft: #macOS HM Surf vulnerability CVE-2024-44133 might already be under exploit by major #malware family https:/www.theregister.com/2024/10/21/microsoft_macos_hm_surf/ @theregister #Microsoft #cybersecurity #Apple #infosec
##🚨 Microsoft discovered a #macOS vulnerability, “HM Surf” (CVE-2024-44133), which bypasses TCC protections, allowing unauthorised access to sensitive data like camera and microphone.
#CyberSecurity #vulnerability #Apple #Microsoft
Read: https://hackread.com/hm-surf-macos-flaw-attackers-access-camera-mic/
##The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part of macOS Sequoia 15 by removing the vulnerable code. https://thehackernews.com/2024/10/microsoft-reveals-macos-vulnerability.html
##Microsoft: #macOS HM Surf vulnerability CVE-2024-44133 might already be under exploit by major #malware family https:/www.theregister.com/2024/10/21/microsoft_macos_hm_surf/ @theregister #Microsoft #cybersecurity #Apple #infosec
##🚨 Microsoft discovered a #macOS vulnerability, “HM Surf” (CVE-2024-44133), which bypasses TCC protections, allowing unauthorised access to sensitive data like camera and microphone.
#CyberSecurity #vulnerability #Apple #Microsoft
Read: https://hackread.com/hm-surf-macos-flaw-attackers-access-camera-mic/
##The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part of macOS Sequoia 15 by removing the vulnerable code. https://thehackernews.com/2024/10/microsoft-reveals-macos-vulnerability.html
##updated 2024-09-20T22:06:12
2 posts
Tenable: CVE-2024-8260: SMB Force-Authentication Vulnerability in OPA Could Lead to Credential Leakage https://www.tenable.com/blog/cve-2024-8260-smb-force-authentication-vulnerability-in-opa-could-lead-to-credential-leakage @tenable #cybersecurity #infosec
##Tenable: CVE-2024-8260: SMB Force-Authentication Vulnerability in OPA Could Lead to Credential Leakage https://www.tenable.com/blog/cve-2024-8260-smb-force-authentication-vulnerability-in-opa-could-lead-to-credential-leakage @tenable #cybersecurity #infosec
##updated 2024-09-20T12:30:17.483000
3 posts
sbt 1.10.3 is released, featuring
- CVE-2024-7254 fix by updating protobuf-java to 3.25.5
- updates metabuild Scala version to 2.12.20
- fix for the spurious “illegal reflective access operation” error on JDK 11
- revert of the invalidation of circular-dependent sources
sbt 1.10.3 is released, featuring
- CVE-2024-7254 fix by updating protobuf-java to 3.25.5
- updates metabuild Scala version to 2.12.20
- fix for the spurious “illegal reflective access operation” error on JDK 11
- revert of the invalidation of circular-dependent sources
Atlassian multiple security advisories: Security Bulletin - October 15 2024
No mention of exploitation that I can see.
##updated 2024-09-19T21:34:31
1 posts
1 repos
This Keycloak #cve looks interesting: https://huydoppa.hashnode.dev/analyst-cve-2024-8698-keycloak-with-zero-knowledge-about-keycloak
##updated 2024-09-19T18:30:58
2 posts
Fortinet: Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA
Fortinet describes their incident response for clients who had their Ivanti Cloud Services Appliance (CSA) devices exploited using zero-days CVE-2024-8190, and CVE-2024-8963 (and one other unspecified command injection vulnerability). See the references below for info on those vulnerabilities. This is extremely interesting, as the threat actor, who was still active in the customer's network, actually patched the CVE-2024-8190 vulnerability, which Fortinet assesses was to prevent anyone else from interfering with their attack operations. Indicators of compromise listed.
Okay so what concerns me about this article is that Fortinet doesn't specifically identify the "A publicly unknown command injection vulnerability affecting the resource reports.php." This is very likely CVE-2024-9380 Ivanti CSA OS Command Injection Vulnerability, due to the Threat Signal Report that Fortinet links to in this article. Also missing is CVE-2024-9379 Ivanti CSA SQL Injection and CVE-2024-9381 Ivanti CSA path traversal.
References:
#threatintel #zeroday #ivanti #vulnerability #infosec #cybersecurity #cyberthreatintelligence #CTI #IOC #cyberespionage #ivanticsa #cloudservicesappliance #eitw #activeexploitation #CVE_2024_8190 #CVE_2024_8963 #CVE_2024_29824
##Ivanti Security Advisory: Ivanti CSA (Cloud Services Application) (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Very sneaky of Ivanti to quietly update the security advisory without a changelog: They removed CVE-2024-9381 (CVSSv3: 7.2 high) Path traversal in Ivanti CSA before version 5.0.2 from the exploitation announcement:
We have observed limited exploitation of CSA 4.6 when CVE-2024-9379 or CVE-2024-9380 are chained with CVE-2024-8963, present in CSA 4.6 patch 518 and below, it could lead to unauthenticated remote code execution. We have not observed these vulnerabilities being exploited in CSA 5.0.
See parent toot above for the original wording. cc: @cR0w @reverseics
#ivanti #patchtuesday #zeroday #vulnerability #cve #activeexploitation #ivanticsa #cloudservicesappliance #eitw
##updated 2024-09-16T15:29:27
4 posts
1 repos
Active Exploitation of SAML Vulnerability CVE-2024-45409 Detected by Cyble Sensors – Source:cyble.com https://ciso2ciso.com/active-exploitation-of-saml-vulnerability-cve-2024-45409-detected-by-cyble-sensors-sourcecyble-com/ #Vulnerability #CybleBlog #Exploit #'Cyber
##Active Exploitation of SAML Vulnerability CVE-2024-45409 Detected by Cyble Sensors https://cyble.com/blog/active-exploitation-of-saml-vulnerability-cve-2024-45409-detected-by-cyble-sensors/ #Vulnerability #Exploit
##Active Exploitation of SAML Vulnerability CVE-2024-45409 Detected by Cyble Sensors
Cyble's Global Sensor Intelligence Network detects the active exploitation of CVE-2024-45409, a critical SAML vulnerability affecting GitLab, which...
🔗️ [Cyble] https://link.is.it/b3r1pm
##Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) https://www.helpnetsecurity.com/2024/10/09/exploit-cve-2024-45409/ #ProjectDiscovery #authentication #securityupdate #vulnerability #Don'tmiss #Hotstuff #Synactiv #exploit #GitLab #News #PoC
##updated 2024-09-12T09:31:27
2 posts
1 repos
updated 2024-09-10T21:31:40
2 posts
2 repos
💣 Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA
— FortiGuard Labs
「 During the investigation, FGIR came across an adversary who had gained access to the customer’s network by exploiting the CVE-2024-8190 and two previously unknown vulnerabilities affecting the PHP front end of the Ivanti CSA appliance 」
##Fortinet: Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA
Fortinet describes their incident response for clients who had their Ivanti Cloud Services Appliance (CSA) devices exploited using zero-days CVE-2024-8190, and CVE-2024-8963 (and one other unspecified command injection vulnerability). See the references below for info on those vulnerabilities. This is extremely interesting, as the threat actor, who was still active in the customer's network, actually patched the CVE-2024-8190 vulnerability, which Fortinet assesses was to prevent anyone else from interfering with their attack operations. Indicators of compromise listed.
Okay so what concerns me about this article is that Fortinet doesn't specifically identify the "A publicly unknown command injection vulnerability affecting the resource reports.php." This is very likely CVE-2024-9380 Ivanti CSA OS Command Injection Vulnerability, due to the Threat Signal Report that Fortinet links to in this article. Also missing is CVE-2024-9379 Ivanti CSA SQL Injection and CVE-2024-9381 Ivanti CSA path traversal.
References:
#threatintel #zeroday #ivanti #vulnerability #infosec #cybersecurity #cyberthreatintelligence #CTI #IOC #cyberespionage #ivanticsa #cloudservicesappliance #eitw #activeexploitation #CVE_2024_8190 #CVE_2024_8963 #CVE_2024_29824
##updated 2024-08-29T18:31:42
2 posts
1 repos
updated 2024-08-13T19:20:23.200000
1 posts
VulnCheck: Following the Trail of Flax Typhoon to Uncover Newly Discovered Vulnerabilities in Linear Emerge Access Control Devices
References:
VulnCheck warns that Linear eMerge E3 has an unpatched OS command injection vulnerability in Linear eMerge E3-Series devices and multiple people are creating proofs of concept for it. CVE-2019-7256, which is a similar vulnerability on the same model device, was reported by FBI (PDF) to be exploited by Flax Typhoon's botnet. Flax Typhoon, a PRC state-sponsored APT, is publicly attributed to the Chinese company Integrity Tech by the U.S. Government. It is likely that Flax Typhoon would incorporate proof of concept exploit code for an unpatched vulnerability to their arsenal.
#linear #emerge #vulnerability #flaxtyphoon #china #cyberespionage #proofofconcept #cve
##updated 2024-08-13T18:31:21
7 posts
anyone read Korean? ASEC: ASEC and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178)
See parent toot for information on CVE-2024-38178. AhnLab SEcurity intelligence Center (ASEC) and Korea's National Cyber Security Center (NCSC) published a joint report "Operation Code on Toast by TA-RedAnt" confirming that the DPRK actor known as Scarcruft (APT37) exploited CVE-2024-38178 as a zero-day:
#northkorea #apt #scarcruft #cyberespionage #CVE_2024_38178 #asec #zeroday #vulnerability #CVE #eitw #cisakev #kev #KnownExploitedVulnerabilitiesCatalog #activeexploitation
##anyone read Korean? ASEC: ASEC and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178)
See parent toot for information on CVE-2024-38178. AhnLab SEcurity intelligence Center (ASEC) and Korea's National Cyber Security Center (NCSC) published a joint report "Operation Code on Toast by TA-RedAnt" confirming that the DPRK actor known as Scarcruft (APT37) exploited CVE-2024-38178 as a zero-day:
#northkorea #apt #scarcruft #cyberespionage #CVE_2024_38178 #asec #zeroday #vulnerability #CVE #eitw #cisakev #kev #KnownExploitedVulnerabilitiesCatalog #activeexploitation
##A North Korean threat actor has exploited a recent Internet Explorer zero-day vulnerability in a supply chain attack, threat intelligence firm AhnLab and South Korea’s National Cyber Security Center (NCSC) say.
Tracked as CVE-2024-38178, the security defect is described as a scripting engine memory corruption issue that allows remote attackers to execute arbitrary code on target systems that use Edge in Internet Explorer Mode.
fuck Windows, use Linux!
##Malicious ads exploited Internet Explorer zero day to drop #malware
Yes, Internet Explorer has been officially EOL since 2022, but it’s still included in Windows. Some older software may also use Internet explorer components.
Nation-state APT compromised servers of an ad agency to push malicious toast ads, which exploit CVE-2024-38178 to achieve code execution privileges. The attackers then drop RokRAT, which can exfil data and files from the infected machine.
Microsoft has apparently fixed this flaw, but this does not guarantee older software using outdated Internet Explorer components will also update.
##Malicious ads exploited Internet Explorer zero day to drop #malware
Yes, Internet Explorer has been officially EOL since 2022, but it’s still included in Windows. Some older software may also use Internet explorer components.
Nation-state APT compromised servers of an ad agency to push malicious toast ads, which exploit CVE-2024-38178 to achieve code execution privileges. The attackers then drop RokRAT, which can exfil data and files from the infected machine.
Microsoft has apparently fixed this flaw, but this does not guarantee older software using outdated Internet Explorer components will also update.
##AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178) https://asec.ahnlab.com/en/83877/
More: North Korean #ScarCruft Exploits #Windows Zero-Day to Spread #RokRAT Malware https://thehackernews.com/2024/10/north-korean-scarcruft-exploits-windows.html @thehackernews #cybersecurity #infosec #Microsoft #zeroday
##Notes for myself based on the 33 page PDF
updated 2024-08-13T03:32:22
1 posts
Atlassian multiple security advisories: Security Bulletin - October 15 2024
No mention of exploitation that I can see.
##updated 2024-08-12T15:30:50
1 posts
1 repos
Microsoft Office NTLMv2 Disclosure Vulnerability https://github.com/passtheticket/CVE-2024-38200
##updated 2024-08-09T05:01:56
1 posts
Horizon3: Palo Alto Expedition: From N-Day to Full Compromise
References:
Daaaaaaaamn @hacks_zach, Zach Hanley at it again with the Palo Alto Networks vulnerabilities. In trying to find CVE2-2024-5910 in Expedition (a configuration migration tool from a supported vendor to Palo Alto Networks PAN-OS), he found CVE-2024-9464, CVE-2024-9465 and CVE-2024-9466. It appears that CVE-2024-9465 (unauth SQL injection) leads to leaking credentials via "users" and "devices" tables which contain password hashes and device API keys. This is the CVE-2024-9466.
#paloaltonetworks #expedition #vulnerability #CVE #vulnerabilityanalysis
##updated 2024-08-01T15:33:14
1 posts
Microsoft Security Response Center (MSRC) updated the title of the publicly disclosed vulnerability CVE-2024-6197 to be "Hackerone: CVE-2024-6197 Freeing stack buffer in utf8asn1str" (original was "Open Source Curl Remote Code Execution Vulnerability")
##Version: 1.1; Revision Date: Oct 10, 2024. Description: "Updated CVE title. This is an informational change only."
updated 2024-07-31T12:31:48
2 posts
1 repos
updated 2024-07-09T18:31:01
2 posts
CVE ID: CVE-2024-38094
Vendor: Microsoft
Product: SharePoint
Date Added: 2024-10-22
Vulnerability: Microsoft SharePoint Deserialization Vulnerability
Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38094
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-38094
CVE ID: CVE-2024-38094
Vendor: Microsoft
Product: SharePoint
Date Added: 2024-10-22
Vulnerability: Microsoft SharePoint Deserialization Vulnerability
Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38094
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-38094
updated 2024-07-03T18:44:17
2 posts
Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) https://www.helpnetsecurity.com/2024/10/22/cve-2024-37383-exploited/ #PositiveTechnologies #vulnerability #Don'tmiss #Roundcube #Hotstuff #exploit #News #CVE
##Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) https://www.helpnetsecurity.com/2024/10/22/cve-2024-37383-exploited/ #PositiveTechnologies #vulnerability #Don'tmiss #Roundcube #Hotstuff #exploit #News #CVE
##updated 2024-07-03T18:43:59
1 posts
3 repos
https://github.com/horizon3ai/CVE-2024-29824
Fortinet: Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA
Fortinet describes their incident response for clients who had their Ivanti Cloud Services Appliance (CSA) devices exploited using zero-days CVE-2024-8190, and CVE-2024-8963 (and one other unspecified command injection vulnerability). See the references below for info on those vulnerabilities. This is extremely interesting, as the threat actor, who was still active in the customer's network, actually patched the CVE-2024-8190 vulnerability, which Fortinet assesses was to prevent anyone else from interfering with their attack operations. Indicators of compromise listed.
Okay so what concerns me about this article is that Fortinet doesn't specifically identify the "A publicly unknown command injection vulnerability affecting the resource reports.php." This is very likely CVE-2024-9380 Ivanti CSA OS Command Injection Vulnerability, due to the Threat Signal Report that Fortinet links to in this article. Also missing is CVE-2024-9379 Ivanti CSA SQL Injection and CVE-2024-9381 Ivanti CSA path traversal.
References:
#threatintel #zeroday #ivanti #vulnerability #infosec #cybersecurity #cyberthreatintelligence #CTI #IOC #cyberespionage #ivanticsa #cloudservicesappliance #eitw #activeexploitation #CVE_2024_8190 #CVE_2024_8963 #CVE_2024_29824
##updated 2024-07-02T14:20:55.230000
1 posts
1 repos
Exploiting Visual Studio via dump files - CVE-2024-30052: https://ynwarcs.github.io/exploiting-vs-dump-files
##updated 2024-06-21T21:35:02
1 posts
53 repos
https://github.com/WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP
https://github.com/Junp0/CVE-2024-4577
https://github.com/bl4cksku11/CVE-2024-4577
https://github.com/11whoami99/CVE-2024-4577
https://github.com/Chocapikk/CVE-2024-4577
https://github.com/phirojshah/CVE-2024-4577
https://github.com/K3ysTr0K3R/CVE-2024-4577-EXPLOIT
https://github.com/Entropt/CVE-2024-4577_Analysis
https://github.com/Sh0ckFR/CVE-2024-4577
https://github.com/0x20c/CVE-2024-4577-nuclei
https://github.com/taida957789/CVE-2024-4577
https://github.com/fa-rrel/CVE-2024-4577-RCE
https://github.com/VictorShem/CVE-2024-4577
https://github.com/JeninSutradhar/CVE-2024-4577-checker
https://github.com/nNoSuger/CVE-2024-4577
https://github.com/PhinehasNarh/CVE-2024-4577-LetsDefend-walkthrough
https://github.com/hexedbyte/cve-2024-4577
https://github.com/watchtowrlabs/CVE-2024-4577
https://github.com/AlperenY-cs/CVE-2024-4577
https://github.com/longhoangth18/CVE-2024-4577
https://github.com/a-roshbaik/CVE-2024-4577
https://github.com/olebris/CVE-2024-4577
https://github.com/l0n3m4n/CVE-2024-4577-RCE
https://github.com/TAM-K592/CVE-2024-4577
https://github.com/codeb0ss/CVEploiterv2
https://github.com/princew88/CVE-2024-4577
https://github.com/zomasec/CVE-2024-4577
https://github.com/a-roshbaik/CVE-2024-4577-PHP-RCE
https://github.com/ohhhh693/CVE-2024-4577
https://github.com/Jcccccx/CVE-2024-4577
https://github.com/nemu1k5ma/CVE-2024-4577
https://github.com/manuelinfosec/CVE-2024-4577
https://github.com/zjhzjhhh/CVE-2024-4577
https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template
https://github.com/aaddmin1122345/cve-2024-4577
https://github.com/bibo318/CVE-2024-4577-RCE-ATTACK
https://github.com/gotr00t0day/CVE-2024-4577
https://github.com/bughuntar/CVE-2024-4577
https://github.com/jakabakos/CVE-2024-4577-PHP-CGI-argument-injection-RCE
https://github.com/waived/CVE-2024-4577-PHP-RCE
https://github.com/Wh02m1/CVE-2024-4577
https://github.com/xcanwin/CVE-2024-4577-PHP-RCE
https://github.com/ggfzx/CVE-2024-4577
https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE
https://github.com/dbyMelina/CVE-2024-4577
https://github.com/it-t4mpan/check_cve_2024_4577.sh
https://github.com/BitMEXResearch/CVE-2024-4577
https://github.com/ywChen-NTUST/PHP-CGI-RCE-Scanner
https://github.com/charis3306/CVE-2024-4577
https://github.com/XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE
🚨CVE-2024-4577: PHP CGI Argument Injection Scanner and Exploit
https://darkwebinformer.com/cve-2024-4577-php-cgi-argument-injection-scanner-and-exploit/
##updated 2024-06-10T20:18:19
1 posts
10 repos
https://github.com/UnHackerEnCapital/PDFernetRemotelo
https://github.com/Masamuneee/CVE-2024-4367-Analysis
https://github.com/LOURC0D3/CVE-2024-4367-PoC
https://github.com/clarkio/pdfjs-vuln-demo
https://github.com/avalahEE/pdfjs_disable_eval
https://github.com/Zombie-Kaiser/cve-2024-4367-PoC-fixed
https://github.com/s4vvysec/CVE-2024-4367-POC
https://github.com/snyk-labs/pdfjs-vuln-demo
Atlassian multiple security advisories: Security Bulletin - October 15 2024
No mention of exploitation that I can see.
##updated 2024-05-28T15:47:59
2 posts
CVE-2024-35219: Arbitrary File Read and Delete in OpenAPI Generator
Check out our latest blog post, in which we explain how SonarCloud unveiled the complex taint flow behind this critical vulnerability in OpenAPI Generator:
##CVE-2024-35219: Arbitrary File Read and Delete in OpenAPI Generator
Check out our latest blog post, in which we explain how SonarCloud unveiled the complex taint flow behind this critical vulnerability in OpenAPI Generator:
##updated 2024-05-23T17:56:29.137000
1 posts
1 repos
Кратко разбираем Zerologon на практике и смотрим его артефакты
Привет! В этой статье мы кратко рассмотрим уязвимость CVE-2020-1472 aka Zerologon со стороны красных и синих: на практическом примере научимся эксплуатировать уязвимость, используя разные векторы, а также отметим основные артефакты атаки.
https://habr.com/ru/articles/851428/
#zerologon #activedirectory #active_directory #kali #python #cve20201472
##updated 2024-05-02T18:47:15
1 posts
Atlassian multiple security advisories: Security Bulletin - October 15 2024
No mention of exploitation that I can see.
##updated 2024-04-04T05:46:09
1 posts
4 repos
https://github.com/cashapp323232/CVE-2023-2868CVE-2023-2868
https://github.com/getdrive/PoC
Another thing to note is that Fortinet states "Suspected Nation-State Adversary" but doesn't include any mention of a country, or even attribution. If they did a little research, they'd point out that 51.91.79[.]17 was previously identified by Mandiant in Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868) on 29 August 2023. It was a network indicator for UNC4841, a China-nexus espionage threat actor group.
The first hit is free, you have to pay me to continue working on a Friday night before a three day weekend. Peace out 🤙
#threatintel #zeroday #ivanti #vulnerability #infosec #cybersecurity #cyberthreatintelligence #CTI #IOC #cyberespionage #ivanticsa #cloudservicesappliance #eitw #activeexploitation #CVE_2024_8190 #CVE_2024_8963 #CVE_2024_29824
##updated 2024-03-14T05:02:56
1 posts
14 repos
https://github.com/Shimon03/CVE-2023-7028-Account-Take-Over-Gitlab
https://github.com/soltanali0/CVE-2023-7028
https://github.com/Esonhugh/gitlab_honeypot
https://github.com/hackeremmen/gitlab-exploit
https://github.com/yoryio/CVE-2023-7028
https://github.com/mochammadrafi/CVE-2023-7028
https://github.com/duy-31/CVE-2023-7028
https://github.com/googlei1996/CVE-2023-7028
https://github.com/Trackflaw/CVE-2023-7028-Docker
https://github.com/fa-rrel/CVE-2023-7028
https://github.com/RandomRobbieBF/CVE-2023-7028
https://github.com/Vozec/CVE-2023-7028
@mttaggart CISA added the CVE-2023-7028 (perfect 10.0 critical🥳 cc: @cR0w) GitLab Community and Enterprise Editions Improper Access Control Vulnerability to the KEV Catalog on 01 May 2024
##updated 2024-02-15T15:30:37
10 posts
5 repos
https://github.com/OxLmahdi/cve-2024-23113
https://github.com/HazeLook/CVE-2024-23113
https://github.com/p33d/CVE-2024-23113
Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024 - watchTowr Labs: https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/
##Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024 - watchTowr Labs: https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/
##87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) https://www.helpnetsecurity.com/2024/10/15/cve-2024-23113/ #vulnerability #Shadowserver #enterprise #Don'tmiss #WatchTowr #Hotstuff #Fortinet #FortiOS #News #CVE
##lol at this Watchtowr write up - it’s on the money. Vulns from 1998.
Wait until they see the new FortiManager zero day, I wanna see their write up.
##watchTowr: Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024
Reference: CVE-2024-23113 (9.8 critical, disclosed 08 February 2024 by Fortinet, added to CISA KEV Catalog 09 October 2024) Fortinet Multiple Products Format String Vulnerability
I personally love the snark that watchTowr brings to the infosec community. If you didn't already grasp it from all the memes, you'll understand once you start reading this blog post. watchTowr covers locating the vulnerability CVE-2024-23113 and finding the root cause. I know the term rabbit hole is used often, but in this case, each vulnerable/patched version of their firmware provides different behavior to exploitation attempts and these are explained. No one's safe from watchTowr: they even include a dis for Check Point:
I mean, it's one up from Checkpoint's 'buy another Checkpoint device to put infront of your vulnerable Checkpoint device'
#CVE_2024_23113 #fortinet #vulnerability #eitw #vulnerabilityanalysis #cybersecurity #infosec #cve #activeexploitation #kev
##Fortinet is behind the curve, as they update their security advisory FG-IR-24-029 CVE-2024-23113 (9.8 critical, disclosed 08 February 2024) Format String Bug in fgfmd 3 days later to say "A third-party report is indicating this may be exploited in the wild."
See parent toot above for the CISA announcement that CVE-2024-23113 was added to the Known Exploited Vulnerabilities Catalog on 08 October 2024.
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #CVE_2024_23113 #fortinet #fortios #vulnerability #eitw #activeexploitation
##The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb. https://thehackernews.com/2024/10/cisa-warns-of-critical-fortinet-flaw-as.html
##Fortinet : la faille de sécurité critique CVE-2024-23113 est exploitée dans des cyberattaques, alerte la CISA ! https://www.it-connect.fr/fortinet-faille-securite-critique-cve-2024-23113-cyberattaques/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Fortinet
##CVE ID: CVE-2024-23113
Vendor: Fortinet
Product: Multiple Products
Date Added: 2024-10-09
Vulnerability: Fortinet Multiple Products Format String Vulnerability
Notes: https://www.fortiguard.com/psirt/FG-IR-24-029 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23113
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-23113
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press! CISA only adds two of the Ivanti exploited zero-day vulnerabilities, and a Fortinet vulnerability to the KEV Catalog:
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday
##updated 2024-02-13T17:55:39.687000
2 posts
@cks @jschauma the non-BSD implementation was more fun, with rlogind passing a “trust me, this user is in the rhosts” flag, leading to the AIX & Linux -froot security hole (CVE-1999-0113), one of the easier to understand remote exploits.
##@cks @jschauma the non-BSD implementation was more fun, with rlogind passing a “trust me, this user is in the rhosts” flag, leading to the AIX & Linux -froot security hole (CVE-1999-0113), one of the easier to understand remote exploits.
##updated 2023-11-29T22:04:56
1 posts
Atlassian multiple security advisories: Security Bulletin - October 15 2024
No mention of exploitation that I can see.
##updated 2023-11-29T22:02:29
1 posts
Atlassian multiple security advisories: Security Bulletin - October 15 2024
No mention of exploitation that I can see.
##updated 2023-10-30T13:06:31
1 posts
Few things make me hate the security industry as much as the dumb ass CVSS scores so many CVE receive. Take CVE-2022-31197. It literally requires you to have a column with a “;” in the name.
I mean yes, but holy fuck people… if you do that you have so many other problems to deal with first.
Could it happen? Sure. Will it? I sure hope your database isn’t that absolutely bonkers.
##updated 2023-05-28T05:01:06
1 posts
Notes for myself based on the 33 page PDF
updated 2023-03-27T18:30:24
1 posts
1 repos
@GossiTheDog the aspect of a manipulated hostname reminds me of CVE-2022-40684 where the "for" attribute of Forwarded header set to 127.0.0.1 bypassed authorization checks. https://github.com/horizon3ai/CVE-2022-40684
##updated 2023-02-01T05:03:36
1 posts
34 repos
https://github.com/Sunqiz/CVE-2017-11882-reproduction
https://github.com/Ridter/CVE-2017-11882
https://github.com/HaoJame/CVE-2017-11882
https://github.com/rip1s/CVE-2017-11882
https://github.com/letiencong96/CVE_2017_11882
https://github.com/ActorExpose/CVE-2017-11882
https://github.com/tzwlhack/CVE-2017-11882
https://github.com/qy1202/https-github.com-Ridter-CVE-2017-11882-
https://github.com/Ridter/RTF_11882_0802
https://github.com/Abdibimantara/Maldoc-Analysis
https://github.com/rxwx/CVE-2018-0802
https://github.com/CSC-pentest/cve-2017-11882
https://github.com/chanbin/CVE-2017-11882
https://github.com/ChaitanyaHaritash/CVE-2017-11882
https://github.com/likekabin/CVE-2018-0802_CVE-2017-11882
https://github.com/Shadowshusky/CVE-2017-11882-
https://github.com/HZachev/ABC
https://github.com/likekabin/CVE-2017-11882
https://github.com/0x09AL/CVE-2017-11882-metasploit
https://github.com/lisinan988/CVE-2017-11882-exp
https://github.com/littlebin404/CVE-2017-11882
https://github.com/BlackMathIT/2017-11882_Generator
https://github.com/nhuynhuy/cve-2017-11882
https://github.com/jadeapar/Dragonfish-s-Malware-Cyber-Analysis
https://github.com/herbiezimmerman/CVE-2017-11882-Possible-Remcos-Malspam
https://github.com/legendsec/CVE-2017-11882-for-Kali
https://github.com/embedi/CVE-2017-11882
https://github.com/ekgg/Overflow-Demo-CVE-2017-11882
https://github.com/j0lama/CVE-2017-11882
https://github.com/zhouat/cve-2017-11882
https://github.com/Grey-Li/CVE-2017-11882
https://github.com/Retr0-code/SignHere
https://github.com/starnightcyber/CVE-2017-11882
https://github.com/n18dcat053-luuvannga/DetectPacket-CVE-2017-11882
Kaspersky: Beyond the Surface: the evolution and expansion of the SideWinder APT group
Reference: CVE-2017-11882 (7.8 high, disclosed 14 November 2017 by Microsoft, added to CISA KEV Catalog 03 November 2021) Microsoft Office Memory Corruption Vulnerability
Sidewinder is a suspected Indian APT which loves to target Pakistan among other neighboring countries. Kaspersky reports on new Sidewinder attacks targeting the Middle East and Africa, and a new post-exploitation toolkit called "StealerBot." They talk about the infection chain, which includes an RTF file that exploits CVE-2017-11882. Kaspersky goes over the Stealerbot malware features, including a section for each one of the modules. Victim and targeted sector list is extensive. Attribution is made to Sidewinder with medium/high confidence based on similarities in historical TTPs. Indicators of compromise listed.
#Sidewinder #India #cyberespionage #APT #IOC #stealerbot #CVE_2017_11882 #vulnerability #eitw #threatintel #cybersecurity #infosec #cyberthreatintelligence #CTI
##updated 2023-01-29T05:03:44
1 posts
Notes for myself based on the 33 page PDF
updated 2023-01-27T05:03:24
2 posts
75 repos
https://github.com/MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell
https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL
https://github.com/shiftsansan/CVE-2022-26134-Console
https://github.com/W01fh4cker/Serein_Linux
https://github.com/2212970396/CVE_2022_26134
https://github.com/Chocapikk/CVE-2022-26134
https://github.com/DARKSTUFF-LAB/-CVE-2022-26134
https://github.com/CJ-0107/cve-2022-26134
https://github.com/murataydemir/CVE-2022-26134
https://github.com/yTxZx/CVE-2022-26134
https://github.com/abhishekmorla/CVE-2022-26134
https://github.com/acfirthh/CVE-2022-26134
https://github.com/crowsec-edtech/CVE-2022-26134
https://github.com/yyqxi/CVE-2022-26134
https://github.com/AmoloHT/CVE-2022-26134
https://github.com/iveresk/cve-2022-26134
https://github.com/cai-niao98/CVE-2022-26134
https://github.com/Sakura-nee/CVE-2022-26134
https://github.com/twoning/CVE-2022-26134-PoC
https://github.com/cc3305/CVE-2022-26134
https://github.com/kelemaoya/CVE-2022-26134
https://github.com/ma1am/CVE-2022-26134-Exploit-Detection
https://github.com/cbk914/CVE-2022-26134_check
https://github.com/latings/CVE-2022-26134
https://github.com/Habib0x0/CVE-2022-26134
https://github.com/skhalsa-sigsci/CVE-2022-26134-LAB
https://github.com/offlinehoster/CVE-2022-26134
https://github.com/alcaparra/CVE-2022-26134
https://github.com/b4dboy17/CVE-2022-26134
https://github.com/Brucetg/CVE-2022-26134
https://github.com/Muhammad-Ali007/Atlassian_CVE-2022-26134
https://github.com/sunny-kathuria/exploit_CVE-2022-26134
https://github.com/CLincat/vulcat
https://github.com/ColdFusionX/CVE-2022-26134
https://github.com/Luchoane/CVE-2022-26134_conFLU
https://github.com/jbaines-r7/through_the_wire
https://github.com/SIFalcon/confluencePot
https://github.com/0xAgun/CVE-2022-26134
https://github.com/vesperp/CVE-2022-26134-Confluence
https://github.com/0x14dli/cve2022-26134exp
https://github.com/whokilleddb/CVE-2022-26134-Confluence-RCE
https://github.com/hev0x/CVE-2022-26134
https://github.com/xsxtw/CVE-2022-26134
https://github.com/xanszZZ/ATLASSIAN-Confluence_rce
https://github.com/Y000o/Confluence-CVE-2022-26134
https://github.com/khulnasoft-lab/awesome-security
https://github.com/redhuntlabs/ConfluentPwn
https://github.com/Debajyoti0-0/CVE-2022-26134
https://github.com/shamo0/CVE-2022-26134
https://github.com/f4yd4-s3c/cve-2022-26134
https://github.com/BBD-YZZ/Confluence-RCE
https://github.com/axingde/CVE-2022-26134
https://github.com/coskper-papa/CVE-2022-26134
https://github.com/CatAnnaDev/CVE-2022-26134
https://github.com/archanchoudhury/Confluence-CVE-2022-26134
https://github.com/kyxiaxiang/CVE-2022-26134
https://github.com/KeepWannabe/BotCon
https://github.com/1337in/CVE-2022-26134web
https://github.com/itwestend/cve_2022_26134
https://github.com/kh4sh3i/CVE-2022-26134
https://github.com/dream434/CVE_20222_26134
https://github.com/r1skkam/TryHackMe-Atlassian-CVE-2022-26134
https://github.com/Vulnmachines/Confluence-CVE-2022-26134
https://github.com/Agentgilspy/CVE-2022-26134
https://github.com/W01fh4cker/Serein
https://github.com/p4b3l1t0/confusploit
https://github.com/keven1z/CVE-2022-26134
https://github.com/kailing0220/CVE-2022-26134
https://github.com/yigexioabai/CVE-2022-26134-cve1
https://github.com/404fu/CVE-2022-26134-POC
https://github.com/reubensammut/cve-2022-26134
https://github.com/li8u99/CVE-2022-26134
https://github.com/nxtexploit/CVE-2022-26134
Severe Confluence Vulnerability is an Active Threat (CVE-2022-26134) – Source:www.hackerone.com https://ciso2ciso.com/severe-confluence-vulnerability-is-an-active-threat-cve-2022-26134-sourcewww-hackerone-com/ #rssfeedpostgeneratorecho #1CyberSecurityNewsPost #rssfeedsAutogenerated #CyberSecurityNews #HackerOne #Hackerone #Severe
##Severe Confluence Vulnerability is an Active Threat (CVE-2022-26134) – Source:www.hackerone.com https://ciso2ciso.com/severe-confluence-vulnerability-is-an-active-threat-cve-2022-26134-sourcewww-hackerone-com/ #rssfeedpostgeneratorecho #1CyberSecurityNewsPost #rssfeedsAutogenerated #CyberSecurityNews #HackerOne #Hackerone #Severe
##updated 2021-08-16T09:15:06.987000
2 posts
20 repos
https://github.com/dmo2118/retpoline-audit
https://github.com/kevincoakley/puppet-spectre_meltdown
https://github.com/neuhalje/presentation_meltdown_spectre
https://github.com/pedrolucasoliva/spectre-attack-demo
https://github.com/GalloLuigi/Analisi-CVE-2017-5715
https://github.com/EdwardOwusuAdjei/Spectre-PoC
https://github.com/Eugnis/spectre-attack
https://github.com/jarmouz/spectre_meltdown
https://github.com/opsxcq/exploit-cve-2017-5715
https://github.com/ionescu007/SpecuCheck
https://github.com/mathse/meltdown-spectre-bios-list
https://github.com/Viralmaniar/In-Spectre-Meltdown
https://github.com/ixtal23/spectreScope
https://github.com/speed47/spectre-meltdown-checker
https://github.com/00052/spectre-attack-example
https://github.com/GregAskew/SpeculativeExecutionAssessment
https://github.com/GarnetSunset/CiscoSpectreTakeover
https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance
⚠️ Spectre flaws continue to haunt Intel and AMD
— The Register
「 The indirect branch predictor barrier (IBPB) was intended as a defense against Spectre v2 (CVE-2017-5715) attacks on x86 Intel and AMD chips. IBPB is designed to prevent forwarding of previously learned indirect branch target predictions for speculative execution.
Evidently, the barrier wasn't implemented properly 」
https://www.theregister.com/2024/10/18/spectre_problems_continue_amd_intel
##⚠️ Spectre flaws continue to haunt Intel and AMD
— The Register
「 The indirect branch predictor barrier (IBPB) was intended as a defense against Spectre v2 (CVE-2017-5715) attacks on x86 Intel and AMD chips. IBPB is designed to prevent forwarding of previously learned indirect branch target predictions for speculative execution.
Evidently, the barrier wasn't implemented properly 」
https://www.theregister.com/2024/10/18/spectre_problems_continue_amd_intel
##oh no my magic trick is now public and got a cve number
##oh no my magic trick is now public and got a cve number
##2 posts
13 repos
https://github.com/Vulnmachines/Metabase_CVE-2021-41277
https://github.com/sasukeourad/CVE-2021-41277_SSRF
https://github.com/zer0yu/CVE-2021-41277
https://github.com/Henry4E36/Metabase-cve-2021-41277
https://github.com/RubXkuB/PoC-Metabase-CVE-2021-41277
https://github.com/tahtaciburak/CVE-2021-41277
https://github.com/Seals6/CVE-2021-41277
https://github.com/kap1ush0n/CVE-2021-41277
https://github.com/TheLastVvV/CVE-2021-41277
https://github.com/z3n70/CVE-2021-41277
https://github.com/kaizensecurity/CVE-2021-41277
Metabase Information Disclosure Vulnerability (CVE-2021-41277) https://fortiguard.fortinet.com/threat-signal-report/5563
##Metabase Information Disclosure Vulnerability (CVE-2021-41277) https://fortiguard.fortinet.com/threat-signal-report/5563
##CVE-2024-38819: Path Transversal vulnerability in Spring Framework..
Vulnerability Details:
https://patchnow24x7.com/blog-1/f/cve-2024-38819path-transversal-vulnerability-in-spring-framework
#PatchNOW
#VMWare
#Vulnerability
#ComputerSecurity
#hacked
#Cyberattack
#infosec
#informationsecurity
#CyberSecurityAwareness
#DataBreach
#cybersecurity
SolarWinds multiple security advisories: SolarWinds Security Vulnerabilities
No mention of exploitation.
##1 posts
53 repos
https://github.com/smackerdodi/CVE-2024-24919-nuclei-templater
https://github.com/P3wc0/CVE-2024-24919
https://github.com/gurudattch/CVE-2024-24919
https://github.com/J4F9S5D2Q7/CVE-2024-24919-CHECKPOINT
https://github.com/yagyuufellinluvv/CVE-2024-24919
https://github.com/skyrowalker/CVE-2024-24919
https://github.com/B1naryo/CVE-2024-24919-POC
https://github.com/GoatSecurity/CVE-2024-24919
https://github.com/hendprw/CVE-2024-24919
https://github.com/Expl0itD0g/CVE-2024-24919---Poc
https://github.com/RevoltSecurities/CVE-2024-24919
https://github.com/nullcult/CVE-2024-24919-Exploit
https://github.com/starlox0/CVE-2024-24919-POC
https://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN
https://github.com/am-eid/CVE-2024-24919
https://github.com/GuayoyoCyber/CVE-2024-24919
https://github.com/LuisMateo1/Arbitrary-File-Read-CVE-2024-24919
https://github.com/0xkalawy/CVE-2024-24919
https://github.com/Tim-Hoekstra/CVE-2024-24919
https://github.com/protonnegativo/CVE-2024-24919
https://github.com/Jutrm/cve-2024-24919
https://github.com/zam89/CVE-2024-24919
https://github.com/Cappricio-Securities/CVE-2024-24919
https://github.com/ifconfig-me/CVE-2024-24919-Bulk-Scanner
https://github.com/Rug4lo/CVE-2024-24919-Exploit
https://github.com/0nin0hanz0/CVE-2024-24919-PoC
https://github.com/birdlex/cve-2024-24919-checker
https://github.com/satriarizka/CVE-2024-24919
https://github.com/Vulnpire/CVE-2024-24919
https://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN
https://github.com/bigb0x/CVE-2024-24919-Sniper
https://github.com/YN1337/CVE-2024-24919
https://github.com/un9nplayer/CVE-2024-24919
https://github.com/mr-kasim-mehar/CVE-2024-24919-Exploit
https://github.com/Bytenull00/CVE-2024-24919
https://github.com/seed1337/CVE-2024-24919-POC
https://github.com/ShadowByte1/CVE-2024-24919
https://github.com/LucasKatashi/CVE-2024-24919
https://github.com/c3rrberu5/CVE-2024-24919
https://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check
https://github.com/fernandobortotti/CVE-2024-24919
https://github.com/emanueldosreis/CVE-2024-24919
https://github.com/GlobalsecureAcademy/CVE-2024-24919
https://github.com/geniuszlyy/CVE-2024-24919
https://github.com/nexblade12/CVE-2024-24919
https://github.com/H3KEY/CVE-2024-24919
https://github.com/satchhacker/cve-2024-24919
https://github.com/0xans/CVE-2024-24919
https://github.com/0xYumeko/CVE-2024-24919
https://github.com/SalehLardhi/CVE-2024-24919
🚨CVE-2024-24919 - Check Point Quantum Security Gateways with IPsec VPN in Remote Access VPN PoC
##GitLab security advisory: GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9
No mention of exploitation
##Today in #fedora infra land:
* Built a ton of koji builds for the new exciting CVE-2024-9427. (all fedora + epel + a 1.34.x for our hubs now + 1.35.x for our hubs when we upgrade tomorrow.
* Meetings
* Re-installed a a bunch of openqa vmhosts and db server and workers with @adamw 3 less rhel8 installs and standardized openqa workers!
* tomorrow koji outage and some cert reissues and a bunch more meetings.
1 posts
13 repos
https://github.com/MalwareTech/CVE-2024-47176-Scanner
https://github.com/GO0dspeed/spill
https://github.com/workabhiwin09/CVE-2024-47176
https://github.com/mr-r3b00t/CVE-2024-47176
https://github.com/AxthonyV/CVE-2024-47176
https://github.com/gumerzzzindo/CVE-2024-47176
https://github.com/aytackalinci/CVE-2024-47176
https://github.com/0x7556/CVE-2024-47176
https://github.com/gianlu111/CUPS-CVE-2024-47176
https://github.com/lkarlslund/jugular
https://github.com/nma-io/CVE-2024-47176
💡CVE-2024-47176 Vulnerability Scanner (Cups-Browsed)
https://darkwebinformer.com/cve-2024-47176-vulnerability-scanner-cups-browsed/
##