AttackerKB
attackerkb
New assessment for topic: CVE-2024-30080
Topic description: "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability ..."
"This vulnerability flew under my radar until I saw the results of the 2024 pwnie awards and couldn’t help but notice how it won the award for "Best RCE" ..."
Link: https://attackerkb.com/assessments/64e56b2e-4eba-4924-ac08-df5fa0c133c3
Topic description: "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability ..."
"This vulnerability flew under my radar until I saw the results of the 2024 pwnie awards and couldn’t help but notice how it won the award for "Best RCE" ..."
Link: https://attackerkb.com/assessments/64e56b2e-4eba-4924-ac08-df5fa0c133c3
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-27348
Topic description: "RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 ..."
"This is a Remote Code Execution vulnerability Apache HugeGraph in versions before 1.3.0 which are running on Java 8 or Java 11 ..."
Link: https://attackerkb.com/assessments/8bd428f4-d4e9-4f07-851f-490b66809dfc
Topic description: "RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 ..."
"This is a Remote Code Execution vulnerability Apache HugeGraph in versions before 1.3.0 which are running on Java 8 or Java 11 ..."
Link: https://attackerkb.com/assessments/8bd428f4-d4e9-4f07-851f-490b66809dfc
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-30055
Topic description: "Microsoft Edge (Chromium-based) Spoofing Vulnerability ..."
"WARNING: This is an example of the Microsoft Defender missing when you need it! Do not do this ..."
Link: https://attackerkb.com/assessments/1a237dae-c995-4d6d-a693-079713a04a6e
Topic description: "Microsoft Edge (Chromium-based) Spoofing Vulnerability ..."
"WARNING: This is an example of the Microsoft Defender missing when you need it! Do not do this ..."
Link: https://attackerkb.com/assessments/1a237dae-c995-4d6d-a693-079713a04a6e
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-29510
Topic description: "Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. ..."
"Ghostscript is vulnerable to a critical format string vulnerability that affects versions before 10.03.1 ..."
Link: https://attackerkb.com/assessments/8a51907b-0645-440a-bbcb-88da0069a274
Topic description: "Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. ..."
"Ghostscript is vulnerable to a critical format string vulnerability that affects versions before 10.03.1 ..."
Link: https://attackerkb.com/assessments/8a51907b-0645-440a-bbcb-88da0069a274
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-5217
Topic description: "ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases ..."
"CVE-2024-5217 is an unauthenticated vulnerability in the input validation checks for GlideExpression scripts that results in remote code execution ..."
Link: https://attackerkb.com/assessments/81acf030-5fa9-42f8-b4fd-9489237c46fb
Topic description: "ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases ..."
"CVE-2024-5217 is an unauthenticated vulnerability in the input validation checks for GlideExpression scripts that results in remote code execution ..."
Link: https://attackerkb.com/assessments/81acf030-5fa9-42f8-b4fd-9489237c46fb
0
0
1
AttackerKB
attackerkb
New assessment for topic: CVE-2024-6327
Topic description: "In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability. ..."
"CVE-2024-6327 is a critical unauthenticated deserialization vulnerability within Progress Telerik Report Server before 10.1.24.709 ..."
Link: https://attackerkb.com/assessments/6deb1089-45f5-4edc-869a-6c2a24cf6045
Topic description: "In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability. ..."
"CVE-2024-6327 is a critical unauthenticated deserialization vulnerability within Progress Telerik Report Server before 10.1.24.709 ..."
Link: https://attackerkb.com/assessments/6deb1089-45f5-4edc-869a-6c2a24cf6045
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-4879
Topic description: "ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases ..."
"CVE-2024-4879 is a Jelly Template injection vulnerability in ServiceNow resulting from incomplete input validation ..."
Link: https://attackerkb.com/assessments/75ffad32-e5b2-4b89-a163-7286268b57ad
Topic description: "ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases ..."
"CVE-2024-4879 is a Jelly Template injection vulnerability in ServiceNow resulting from incomplete input validation ..."
Link: https://attackerkb.com/assessments/75ffad32-e5b2-4b89-a163-7286268b57ad
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-20399
Topic description: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. ..."
"This vulnerability is highly technical in that it is closer to a jailbreak than a traditional exploit ..."
Link: https://attackerkb.com/assessments/9a60ce65-b2d9-48fc-8323-02717400391b
Topic description: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. ..."
"This vulnerability is highly technical in that it is closer to a jailbreak than a traditional exploit ..."
Link: https://attackerkb.com/assessments/9a60ce65-b2d9-48fc-8323-02717400391b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-23897
Topic description: "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. ..."
"There seems to only be [one main (public) report of exploitation](https://x.com/shoucccc/status/1750601321831633026) that folks are [quoting](https://www.securityweek.com/45000-exposed-jenkins-instances-found-amid-reports-of-in-the-wild-exploitation/) for this CVE, but the UC Berkeley researcher's statement indicated fairly high confidence that they were seeing actual exploitation against honeypots, not just scanning ..."
Link: https://attackerkb.com/assessments/980d6913-83fe-4b34-9e70-394eeee7e004
Topic description: "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. ..."
"There seems to only be [one main (public) report of exploitation](https://x.com/shoucccc/status/1750601321831633026) that folks are [quoting](https://www.securityweek.com/45000-exposed-jenkins-instances-found-amid-reports-of-in-the-wild-exploitation/) for this CVE, but the UC Berkeley researcher's statement indicated fairly high confidence that they were seeing actual exploitation against honeypots, not just scanning ..."
Link: https://attackerkb.com/assessments/980d6913-83fe-4b34-9e70-394eeee7e004
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2021-20038
Topic description: "A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance ..."
"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/4a34d4ee-97c7-40c9-86e4-796897b05604
Topic description: "A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance ..."
"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/4a34d4ee-97c7-40c9-86e4-796897b05604
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2021-43226
Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/0b19cfac-2381-412b-8c94-19799a0871d8
Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/0b19cfac-2381-412b-8c94-19799a0871d8
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2021-43207
Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/b529bb61-2f0f-44dc-9036-25b331f656cb
Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/b529bb61-2f0f-44dc-9036-25b331f656cb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2021-36955
Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/a3131568-d600-4ab7-9a98-7601ae987f9d
Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/a3131568-d600-4ab7-9a98-7601ae987f9d
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2021-44142
Topic description: "The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/d4f26b63-fa52-41c2-b13c-ae0515aac663
Topic description: "The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/d4f26b63-fa52-41c2-b13c-ae0515aac663
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-37085
Topic description: "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. ..."
"CVE-2024-37085, a vulnerability affecting domain-joined VMWare ESXi, was first published on June 25, 2024 ..."
Link: https://attackerkb.com/assessments/1fd9c4e9-1487-45ae-974b-82567a68434a
Topic description: "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. ..."
"CVE-2024-37085, a vulnerability affecting domain-joined VMWare ESXi, was first published on June 25, 2024 ..."
Link: https://attackerkb.com/assessments/1fd9c4e9-1487-45ae-974b-82567a68434a
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-28255
Topic description: "OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/3d5a0aa2-46be-42a3-acbf-2a3164d5da08
Topic description: "OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/3d5a0aa2-46be-42a3-acbf-2a3164d5da08
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-27348
Topic description: "RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 ..."
"Remote command execution vuln in [Apache HugeGraph-Server](https://hugegraph.apache.org/), an open-source graph database project ..."
Link: https://attackerkb.com/assessments/872583f2-49f8-4434-9d48-da38fa333763
Topic description: "RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 ..."
"Remote command execution vuln in [Apache HugeGraph-Server](https://hugegraph.apache.org/), an open-source graph database project ..."
Link: https://attackerkb.com/assessments/872583f2-49f8-4434-9d48-da38fa333763
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-24665
Topic description: "PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/d9b74f51-fa75-4f86-8181-46667c7e8140
Topic description: "PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/d9b74f51-fa75-4f86-8181-46667c7e8140
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-24664
Topic description: "PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/b8155ecf-90f0-49bc-b6ca-4c605fd3e200
Topic description: "PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/b8155ecf-90f0-49bc-b6ca-4c605fd3e200
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2022-24663
Topic description: "PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/f84de06a-d4b0-496a-a1b6-32583623c54e
Topic description: "PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress shortcodes, which can be used by any authenticated user. ..."
"A July 2024 bulletin from multiple U.S ..."
Link: https://attackerkb.com/assessments/f84de06a-d4b0-496a-a1b6-32583623c54e
0
0
0