SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsThe list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.CVE-2022-47986 - IBM Aspera Faspex 4.4.1 has a YAML deserialization flaw allowing remote code execution via an obsolete API call.Product: IBM Aspera FaspexCVSS Score: 0** KEV since 2023-02-21 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-47986ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8432CVE-2022-3686 - A vulnerability exists in a SDM600 endpoint. An attacker could exploit this vulnerability by running multiple parallel requests, the SDM600 web services become busy rendering the application unresponsive. This issue affects: All SDM600 versions prior to version 1.2 FP3 HF4 (Build Nr. 1.2.23000.291)Product: Hitachi Energy SDM600CVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-3686NVD References: https://search.abb.com/library/Download.aspx?DocumentID=8DBD000138&LanguageCode=en&DocumentPartId=&Action=LaunchCVE-2023-28326 - Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0 Description: Attacker can elevate their privileges in any roomProduct: Apache OpenMeetingsCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-28326NVD References: https://lists.apache.org/thread/r9vn12dp5yofn1h3wd5x4h7c3vmmr5d9CVE-2023-27821 - Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the mockDataScript parameter.Product: Databasir CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-27821NVD References: - https://github.com/luelueking/Databasir-1.0.7-vuln-poc- https://github.com/vran-dev/databasir/issues/269CVE-2022-0194 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15876.Product: Netatalk Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-0194NVD References: - https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html- https://www.zerodayinitiative.com/advisories/ZDI-22-530/CVE-2022-23121 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15819.Product: Netatalk Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-23121NVD References: - https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html- https://www.zerodayinitiative.com/advisories/ZDI-22-527/CVE-2022-23122 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15837.Product: Netatalk Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-23122NVD References: - https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html- https://www.zerodayinitiative.com/advisories/ZDI-22-529/CVE-2022-23123 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15830.Product: Netatalk Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-23123NVD References: - https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html- https://www.zerodayinitiative.com/advisories/ZDI-22-528/CVE-2022-23124 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the …
*********** Sponsored By Akamai Technologies ***********Take the SANS 2023 Application Security Survey, today | If you dabble in the world of application security including discovery, vulnerability assessment and risk mitigation - we want to hear from you. Share your insights with the cyber community, and you'll be entered into our drawing for a chance to win a $250 Amazon gift card:
2023 Threat Hunting Survey Event on Wednesday, April 19th at 10:30am ET | Join survey authors Mathias Fuchs and Josh Lemon for a half-day survey event focused on the hunters and how best to support them | Register now:
Upcoming webcast on Thursday, April 13th at 10:30am ET | Cloud Security: Does the Endpoint Still Matter? | Register now:
Join us on Tuesday, April 18th at 1:00pm ET for Accelerate Your ASM Journey: Top 10 Attack Surface Management Use Cases | Register now: