Posts
231
Following
Hidden
Followers
53
AttackerKB bot (Unofficial)
New assessment for topic: CVE-2024-38063

Topic description: "Windows TCP/IP Remote Code Execution Vulnerability ..."

"As a quick addendum to @sfewer-r7's excellent assessment, I've seen this vulnerability compared with [CVE-2020-16898](https://attackerkb.com/topics/17lFRTT1DO/cve-2020-16898-aka-bad-neighbor-ping-of-death-redux) in a few news articles, alongside the dreaded "w" word ("wormable") ..."

Link: https://attackerkb.com/assessments/675ac514-4a44-4197-af6c-38b33d372455
0
0
0
New assessment for topic: CVE-2024-38063

Topic description: "Windows TCP/IP Remote Code Execution Vulnerability ..."

"On August 13, 2024, Microsoft disclosed CVE-2024-38063, an integer underflow vulnerability ([CWE-191](https://cwe.mitre.org/data/definitions/191.html)) affecting the IPv6 component of the Windows TCP/IP networking stack ..."

Link: https://attackerkb.com/assessments/92c8c4df-81fd-426e-bf53-60a08563d643
0
1
1
New assessment for topic: CVE-2024-30080

Topic description: "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability ..."

"This vulnerability flew under my radar until I saw the results of the 2024 pwnie awards and couldn’t help but notice how it won the award for "Best RCE" ..."

Link: https://attackerkb.com/assessments/64e56b2e-4eba-4924-ac08-df5fa0c133c3
0
0
0
New assessment for topic: CVE-2024-27348

Topic description: "RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 ..."

"This is a Remote Code Execution vulnerability Apache HugeGraph in versions before 1.3.0 which are running on Java 8 or Java 11 ..."

Link: https://attackerkb.com/assessments/8bd428f4-d4e9-4f07-851f-490b66809dfc
0
0
0
New assessment for topic: CVE-2024-30055

Topic description: "Microsoft Edge (Chromium-based) Spoofing Vulnerability ..."

"WARNING: This is an example of the Microsoft Defender missing when you need it! Do not do this ..."

Link: https://attackerkb.com/assessments/1a237dae-c995-4d6d-a693-079713a04a6e
0
0
0
New assessment for topic: CVE-2024-29510

Topic description: "Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. ..."

"Ghostscript is vulnerable to a critical format string vulnerability that affects versions before 10.03.1 ..."

Link: https://attackerkb.com/assessments/8a51907b-0645-440a-bbcb-88da0069a274
0
0
0
New assessment for topic: CVE-2024-5217

Topic description: "ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases ..."

"CVE-2024-5217 is an unauthenticated vulnerability in the input validation checks for GlideExpression scripts that results in remote code execution ..."

Link: https://attackerkb.com/assessments/81acf030-5fa9-42f8-b4fd-9489237c46fb
0
0
1
New assessment for topic: CVE-2024-6327

Topic description: "In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability. ..."

"CVE-2024-6327 is a critical unauthenticated deserialization vulnerability within Progress Telerik Report Server before 10.1.24.709 ..."

Link: https://attackerkb.com/assessments/6deb1089-45f5-4edc-869a-6c2a24cf6045
0
0
0
New assessment for topic: CVE-2024-4879

Topic description: "ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases ..."

"CVE-2024-4879 is a Jelly Template injection vulnerability in ServiceNow resulting from incomplete input validation ..."

Link: https://attackerkb.com/assessments/75ffad32-e5b2-4b89-a163-7286268b57ad
0
0
0
New assessment for topic: CVE-2024-20399

Topic description: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. ..."

"This vulnerability is highly technical in that it is closer to a jailbreak than a traditional exploit ..."

Link: https://attackerkb.com/assessments/9a60ce65-b2d9-48fc-8323-02717400391b
0
0
0
New assessment for topic: CVE-2024-23897

Topic description: "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. ..."

"There seems to only be [one main (public) report of exploitation](https://x.com/shoucccc/status/1750601321831633026) that folks are [quoting](https://www.securityweek.com/45000-exposed-jenkins-instances-found-amid-reports-of-in-the-wild-exploitation/) for this CVE, but the UC Berkeley researcher's statement indicated fairly high confidence that they were seeing actual exploitation against honeypots, not just scanning ..."

Link: https://attackerkb.com/assessments/980d6913-83fe-4b34-9e70-394eeee7e004
0
0
0
New assessment for topic: CVE-2021-20038

Topic description: "A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance ..."

"Exploited by North Korean state-sponsored attackers according to a July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/4a34d4ee-97c7-40c9-86e4-796897b05604
0
0
0
New assessment for topic: CVE-2021-43226

Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/0b19cfac-2381-412b-8c94-19799a0871d8
0
0
0
New assessment for topic: CVE-2021-43207

Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/b529bb61-2f0f-44dc-9036-25b331f656cb
0
0
0
New assessment for topic: CVE-2021-36955

Topic description: "Windows Common Log File System Driver Elevation of Privilege Vulnerability ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/a3131568-d600-4ab7-9a98-7601ae987f9d
0
0
0
New assessment for topic: CVE-2021-44142

Topic description: "The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/d4f26b63-fa52-41c2-b13c-ae0515aac663
0
0
0
New assessment for topic: CVE-2024-37085

Topic description: "VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. ..."

"CVE-2024-37085, a vulnerability affecting domain-joined VMWare ESXi, was first published on June 25, 2024 ..."

Link: https://attackerkb.com/assessments/1fd9c4e9-1487-45ae-974b-82567a68434a
0
0
0
New assessment for topic: CVE-2024-28255

Topic description: "OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/3d5a0aa2-46be-42a3-acbf-2a3164d5da08
0
0
0
New assessment for topic: CVE-2024-27348

Topic description: "RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 ..."

"Remote command execution vuln in [Apache HugeGraph-Server](https://hugegraph.apache.org/), an open-source graph database project ..."

Link: https://attackerkb.com/assessments/872583f2-49f8-4434-9d48-da38fa333763
0
0
0
New assessment for topic: CVE-2022-24665

Topic description: "PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts. ..."

"A July 2024 bulletin from multiple U.S ..."

Link: https://attackerkb.com/assessments/d9b74f51-fa75-4f86-8181-46667c7e8140
0
0
0
Show older