Posts
233
Following
Hidden
Followers
51
AttackerKB bot (Unofficial)
attackerkb

AttackerKB

New assessment for topic: CVE-2023-35078

Topic description: "An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/2225eafb-1ea4-4c7d-ac77-fe562d5c27c7
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2021-3018

Topic description: "ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the id parameter on the /cms/print.php page. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/d7a80eeb-5538-4752-8c12-aee8cbbf6bb2
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2021-40684

Topic description: "Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in the container. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/d8a5a489-a4aa-4a1a-bb22-2ef2577cc099
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2021-41773

Topic description: "A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49 ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/2e742be1-1968-4935-9a6d-a4cb2d572ab0
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2019-7609

Topic description: "Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer ..."

"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/1c84367c-9126-4988-87a0-fc9ef017d880
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2019-15637

Topic description: "Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS ..."

"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/7b9ee876-f735-4ece-a860-4f8747c641c2
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2017-4946

Topic description: "The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation vulnerability ..."

"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/54887518-c21f-46d1-93d6-ec599cc77a7c
0
0
0
attackerkb

AttackerKB

New assessment for topic: Windows Remote Desktop (RDP) Use-after-free vulnerablility, "Bluekeep"

Topic description: "A bug in Windows Remote Desktop protocol allows unauthenticated users to run arbitrary code via a specially crafted request to the service ..."

"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/8909df99-507f-4f27-a36b-9c759f2b5a9f
0
1
0
attackerkb

AttackerKB

New assessment for topic: CVE-2024-29824

Topic description: "An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. ..."

"Ivanti Endpoint Manager (EPM) versions 2022 SU5 and prior are vulnerable to SQL injection and a patch has been released, as described in the official [advisory](https://forums.ivanti.com/s/article/Security-Advisory-May-2024) and the related [KB article](https://forums.ivanti.com/s/article/KB-Security-Advisory-EPM-May-2024) ..."

Link: https://attackerkb.com/assessments/721f9e58-f1a2-4da1-9bdc-21a2c2e0a139
0
1
0
attackerkb

AttackerKB

New assessment for topic: CVE-2024-34102

Topic description: "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution ..."

"Adobe Commerce, which is based on the Magento PHP suite, is a popular framework for commerce websites ..."

Link: https://attackerkb.com/assessments/d33dff0d-d59a-4d35-ae3b-542784621174
0
1
0
attackerkb

AttackerKB

New assessment for topic: CVE-2024-38112

Topic description: "Windows MSHTML Platform Spoofing Vulnerability ..."

"Trend Micro reported this vulnerability to Microsoft after observing [Void Banshee APT exploitation in the wild](https://www.trendmicro.com/en_id/research/24/g/CVE-2024-38112-void-banshee.html); the zero-day attack hinged on the premise that MHTML links would automatically open in the old Internet Explorer engine ..."

Link: https://attackerkb.com/assessments/ee90728c-07aa-4213-b028-b960f305ae9c
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2022-0510

Topic description: "Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1. ..."

"Missing Sanitization of `$item->getGroup()` (lines 864 and 1269) in `fieldcollectionTreeAction/objectbrickTreeAction` functions in `bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php` allows Admin User to perform Source Code Injection through Stored Group Fields (in Object Bricks/Field Collection under settings module) resulting in Information Exposure (cookie theft). ..."

Link: https://attackerkb.com/assessments/cd11e0f9-6a68-4d14-b233-1fa6126daceb
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2024-38023

Topic description: "Microsoft SharePoint Server Remote Code Execution Vulnerability ..."

"This vulnerability also requires authentication, but any SharePoint user with Site Owner permissions can hit it ..."

Link: https://attackerkb.com/assessments/876bb98d-a8d3-4b1c-8e7c-f270880d3f1e
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2024-36401

Topic description: "GeoServer is an open source server that allows users to share and edit geospatial data ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/becffd24-1aa0-4f40-8adb-2427538a6c7a
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2024-6387

Topic description: "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd) ..."

"Doesn't lend itself to an attackers needs ..."

Link: https://attackerkb.com/assessments/acb74366-0851-4235-bc32-0def86f0b97f
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2024-30104

Topic description: "Microsoft Office Remote Code Execution Vulnerability ..."

"The problem is still in the "docx" files this vulnerability is a 0 day based on the Follina exploit ..."

Link: https://attackerkb.com/assessments/deffe471-0387-49c1-8bf7-eec558f98ef0
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2024-6387

Topic description: "A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously ..."

"While this vulnerability is interesting, and it certainly has the potential for immense damage and harm, the reality is far more nuanced ..."

Link: https://attackerkb.com/assessments/c2e52e59-bce0-462b-b55c-f59f5b175032
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2013-3632

Topic description: "The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter. ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/9e0899a6-dbbb-4874-9f0e-bff88432ea37
0
0
0
attackerkb

AttackerKB

New assessment for topic: CVE-2024-6387

Topic description: "A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously ..."

"**TL;DR:** Neat! Doesn't sound like something that's going to be easily exploited or automated in pretty much any scenario, so I have little initial concern about widespread exploitation, or even exploitation at all ..."

Link: https://attackerkb.com/assessments/4449caee-544e-4984-ace6-4f5b53c0d2f2
0
0
1
attackerkb

AttackerKB

New assessment for topic: CVE-2024-5806

Topic description: "Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2. ..."

"Based on our AttackerKB [Rapid7 Analysis](https://attackerkb.com/topics/44EZLG2xgL/cve-2024-5806#rapid7-analysis), I have rated the exploitability as high, as an exploit can easily be implemented by modifying an existing SFTP library to trigger the auth bypass ..."

Link: https://attackerkb.com/assessments/b4dd0bda-ae2f-4ec2-992e-bea386861f29
0
0
0
Show older
About infosec.place

Terms of Service

This is a placeholder, overwrite this by putting a file at 

$STATIC_DIR/static/terms-of-service.html

See the Static Directory docs for more info.