SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
VOLUME 24ISSUE 23
The Consensus Security Vulnerability Alert
Internet Storm Center Spotlight
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
No-Defender, Yes-Defender
Published: 2024-06-04
Last Updated: 2024-06-04 19:17:41 UTC
by John Moutos (Version: 1)
Recently I was made aware of a neat utility (https://github.com/es3n1n/no-defender/) which provides the capability to disable Windows Defender by abusing the WSC (Windows Security Center) registration that other AV and EDR providers utilize to become the main provider on systems, mostly to avoid conflict with Windows Defender.
It does this by abusing the middle-man WSC proxy app Avast bundles with their software, which provides access to the necessary WSC APIs for registration, and registers itself as an fraudulent AV provider, forcing Defender to step down (periodic scanning will still function if enabled manually).
As with all utilities that have the potential to aid in defense evasion, this will eventually make the rounds with active threat groups, until it is deemed obsolete or no longer viable.
To detect usage of this or similar tools, monitoring the “SecurityCenter” Windows event log for event ID 15 is ideal. This can help identify if an unwanted application registered and enabled itself as a security provider in place of Defender.
Read the full entry:
https://isc.sans.edu/diary/NoDefender+YesDefender/30980/
"K1w1" InfoStealer Uses gofile.io for Exfiltration
Published: 2024-05-31
Last Updated: 2024-05-31 10:40:46 UTC
by Xavier Mertens (Version: 1)
Python remains a nice language for attackers and I keep finding interesting scripts that are usually not very well detected by antivirus solutions. The one I found has a VT score of 7/65! I decided to call it "k1w1" infostealer because this string is referenced in many variable and function names. The script has classic infostealer capabilities to find interesting pieces of data on the victim's computer but has some interesting techniques.
First, it uses gofile.io to exfiltrate data...
Read the full entry:
https://isc.sans.edu/diary/K1w1+InfoStealer+Uses+gofileio+for+Exfiltration/30972/
Internet Storm Center Entries
A Wireshark Lua Dissector for Fixed Field Length Protocols (2024.06.03)
https://isc.sans.edu/diary/A+Wireshark+Lua+Dissector+for+Fixed+Field+Length+Protocols/30976/
Feeding MISP with OSSEC (2024.05.30)
Recent CVEs
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
CVE-2024-24919 - Check Point Security Gateways are vulnerable to information exposure when connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades, but a security fix is available.
Product: Checkpoint Quantum Security Gateway
CVSS Score: 8.6
** KEV since 2024-05-30 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24919
ISC Podcast: https://isc.sans.edu/podcastdetail//9004
NVD References: https://support.checkpoint.com/results/sk/sk182336
CVE-2024-5274 - Google Chrome prior to version 125.0.6422.112 is vulnerable to type confusion in V8, allowing remote attackers to execute arbitrary code via a specially crafted HTML page.
Product: Google Chrome
CVSS Score: 8.8
** KEV since 2024-05-28 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5274
NVD References:
- https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html
CVE-2024-23108 - Fortinet FortiSIEM versions 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 are vulnerable to an os command injection allowing unauthorized code execution via crafted API requests.
Product: Fortinet FortiSIEM 7.1.1
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23108
ISC Podcast: https://isc.sans.edu/podcastdetail/9000
CVE-2024-21785 - AutomationDirect P3-550E 1.2.10.9 is vulnerable to unauthorized access via a leftover debug code in its Telnet Diagnostic Interface functionality.
Product: AutomationDirect P3-550E
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21785
NVD References:
- https://talosintelligence.com/vulnerability_reports/TALOS-2024-1942
CVE-2024-22187 - AutomationDirect P3-550E 1.2.10.9 is vulnerable to a write-what-where vulnerability in the Programming Software Connection Remote Memory Diagnostics functionality, allowing an attacker to send a specially crafted network packet for an arbitrary write without authentication.
Product: AutomationDirect P3-550E
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22187
NVD References:
- https://talosintelligence.com/vulnerability_reports/TALOS-2024-1940
CVE-2024-23601 - AutomationDirect P3-550E 1.2.10.9 is vulnerable to code injection in scan_lib.bin, allowing for arbitrary code execution via a specially crafted file.
Product: AutomationDirect P3-550ECVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23601NVD References: - https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003ycL2AQ/sa00039- https://talosintelligence.com/vulnerability_reports/TALOS-2024-1943CVE-2024-24962 & CVE-2024-24963 - AutomationDirect P3-550E 1.2.10.9 stack-based buffer overflow vulnerabilitiesProduct: AutomationDirect P3-550ECVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24962NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24963NVD References: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1939CVE-2024-5150 - The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26, allowing unauthenticated attackers to log in as any existing user on the site, but the patch in version 1.7.26 causes the function to not work, this issue is fixed in version 1.7.27.Product: WordPress Login with phone number pluginCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5150NVD References: - https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4183- https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4220- https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4241- https://plugins.trac.wordpress.org/changeset/3090625/login-with-phone-number- https://plugins.trac.wordpress.org/changeset/3090754/login-with-phone-number#file5- https://www.wordfence.com/threat-intel/vulnerabilities/id/cf34eb9f-f6e9-4a7a-8459-c86f9fa3dad8?source=cveCVE-2024-3412 - The WP STAGING WordPress Backup Plugin is vulnerable to arbitrary file uploads, allowing authenticated attackers to potentially execute remote code.Product: WP STAGING WordPress Backup Plugin – Migration Backup RestoreCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3412NVD References: - https://plugins.trac.wordpress.org/changeset/3076275/wp-staging/trunk/Framework/Network/AjaxBackupDownloader.php- https://www.wordfence.com/threat-intel/vulnerabilities/id/8ebb1072-ea05-4914-961d-0d8f20248078?source=cveCVE-2024-4358 - In Progress Telerik Report Server, version 2024 Q1 or earlier, on IIS, is vulnerable to an authentication bypass issue allowing unauthenticated attackers to access restricted functionality.Product: Progress Telerik Report ServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4358NVD References: https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358CVE-2024-5514 - MinMax CMS contains a hidden admin account with a fixed password that allows remote attackers to bypass IP access controls without detection.Product: MinMax Digital Technology MinMax CMSCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5514NVD References: https://www.twcert.org.tw/tw/cp-132-7828-c08b8-1.htmlCVE-2024-3300 - DELMIA Apriso is vulnerable to an unsafe .NET object deserialization flaw that allows for pre-authentication remote code execution.Product: DELMIA AprisoCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3300NVD References: https://www.3ds.com/vulnerability/advisoriesCVE-2024-23692 - Rejetto HTTP File Server up to and including version 2.3m is vulnerable to template injection, allowing remote attackers to execute commands via crafted HTTP requests.Product: Rejetto HTTP File ServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23692NVD References: - https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/- https://vulncheck.com/advisories/rejetto-unauth-rceCVE-2024-36108 - Casgate allows remote unauthenticated attackers to obtain sensitive information via GET request to an API endpoint, potentially leading to account takeover or privilege escalation, with no known workarounds available and users advised to upgrade.Product: Casgate Open Source Identity and Access Management systemCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36108NVD References: - https://github.com/casgate/casgate/pull/201- https://github.com/casgate/casgate/security/advisories/GHSA-mj5q-rc67-h56cCVE-2024-3200 - The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the 'slug' attribute of the 'wpforo' shortcode in all versions up to, and including, 2.3.3, allowing authenticated attackers to extract sensitive information from the database.Product: wpForo Forum plugin CVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3200NVD References: - https://plugins.trac.wordpress.org/changeset?old_path=/wpforo/tags/2.3.3&new_path=/wpforo/tags/2.3.4&sfp_email=&sfph_mail=- https://www.wordfence.com/threat-intel/vulnerabilities/id/f54cdad2-88db-4604-8064-fa6175176760?source=cveCVE-2024-3820 - The wpDataTables plugin for WordPress is vulnerable to SQL Injection in all versions up to 6.3.1, allowing unauthenticated at…
CVE-2024-5150 - The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26, allowing unauthenticated attackers to log in as any existing user on the site, but the patch in version 1.7.26 causes the function to not work, this issue is fixed in version 1.7.27.
Product: WordPress Login with phone number plugin
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5150
NVD References:
- https://plugins.trac.wordpress.org/changeset/3090625/login-with-phone-number
- https://plugins.trac.wordpress.org/changeset/3090754/login-with-phone-number#file5
CVE-2024-3412 - The WP STAGING WordPress Backup Plugin is vulnerable to arbitrary file uploads, allowing authenticated attackers to potentially execute remote code.
Product: WP STAGING WordPress Backup Plugin – Migration Backup Restore
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3412
NVD References:
CVE-2024-4358 - In Progress Telerik Report Server, version 2024 Q1 or earlier, on IIS, is vulnerable to an authentication bypass issue allowing unauthenticated attackers to access restricted functionality.
Product: Progress Telerik Report Server
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4358
NVD References: https://docs.telerik.com/report-server/knowledge-base/registration-auth-bypass-cve-2024-4358
CVE-2024-5514 - MinMax CMS contains a hidden admin account with a fixed password that allows remote attackers to bypass IP access controls without detection.
Product: MinMax Digital Technology MinMax CMS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5514
NVD References: https://www.twcert.org.tw/tw/cp-132-7828-c08b8-1.html
CVE-2024-3300 - DELMIA Apriso is vulnerable to an unsafe .NET object deserialization flaw that allows for pre-authentication remote code execution.
Product: DELMIA Apriso
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3300
NVD References: https://www.3ds.com/vulnerability/advisories
CVE-2024-23692 - Rejetto HTTP File Server up to and including version 2.3m is vulnerable to template injection, allowing remote attackers to execute commands via crafted HTTP requests.
Product: Rejetto HTTP File Server
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23692
NVD References:
- https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/
CVE-2024-36108 - Casgate allows remote unauthenticated attackers to obtain sensitive information via GET request to an API endpoint, potentially leading to account takeover or privilege escalation, with no known workarounds available and users advised to upgrade.
Product: Casgate Open Source Identity and Access Management system
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36108
NVD References:
- https://github.com/casgate/casgate/pull/201
- https://github.com/casgate/casgate/security/advisories/GHSA-mj5q-rc67-h56c
CVE-2024-3200 - The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the 'slug' attribute of the 'wpforo' shortcode in all versions up to, and including, 2.3.3, allowing authenticated attackers to extract sensitive information from the database.
Product: wpForo Forum plugin
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3200
NVD References:
CVE-2024-3820 - The wpDataTables plugin for WordPress is vulnerable to SQL Injection in all versions up to 6.3.1, allowing unauthenticated attackers to extract sensitive information from the database via the 'id_key' parameter of the wdt_delete_table_row AJAX action in the premium version of the plugin.
Product: wpDataTables WordPress Data Table Plugin
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3820
NVD References:
CVE-2024-27776 - MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE
Product: MileSight DeviceHub
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27776
NVD References: https://www.gov.il/en/Departments/faq/cve_advisories
CVE-2024-36388 - MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function
Product: MileSight DeviceHub
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36388
NVD References: https://www.gov.il/en/Departments/faq/cve_advisories
CVE-2024-36389 - MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass
Product: MileSight DeviceHub
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36389
NVD References: https://www.gov.il/en/Departments/faq/cve_advisories
CVE-2024-36391 - MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic
Product: MileSight DeviceHub
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36391
NVD References: https://www.gov.il/en/Departments/faq/cve_advisories
CVE-2024-5311 - DigiWin EasyFlow .NET is vulnerable to SQL injection due to lack of input parameter validation, allowing unauthenticated attackers to access and manipulate database records.
Product: DigiWin EasyFlow
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5311
NVD References: https://www.twcert.org.tw/tw/cp-132-7844-52dad-1.html
CVE-2024-5404 - An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mechanism.
Product: moneo appliance
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5404
NVD References: https://cert.vde.com/en/advisories/VDE-2024-028
CVE-2023-43538 - Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.
Product: TZ Secure OS Tunnel Invoke Manager
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-43538
NVD References: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html
CVE-2023-43551 - LTE networks may be vulnerable to cryptographic issues, allowing rogue base stations to bypass authentication and send Security Mode Commands.
Product: Samsung Galaxy S6
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-43551
NVD References: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html
CVE-2023-43556 - Memory corruption in Hypervisor when platform information mentioned is not aligned.
Product: Hypervisor Memory corruption
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-43556
NVD References: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html
CVE-2024-29972 through CVE-2024-29974 - Multiple vulnerabilities (command injection, remote code execution) in Zyxel NAS326 and NAS542 firmware
Product: Zyxel NAS326
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29972
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29973
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29974
NVD References:
- https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
CVE-2024-4552 - The Social Login Lite For WooCommerce plugin for WordPress is vulnerable to authentication bypass through social login, allowing unauthenticated attackers to log in as any existing user on the site, up to version 1.6.0.
Product: WordPress Social Login Lite For WooCommerce plugin
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4552
NVD References:
CVE-2023-33930 - Unlimited Elements For Elementor (Free Widgets, Addons, Templates) before version 1.5.66 allows Code Injection through unrestricted upload of dangerous file types.
Product: Unlimited Elements For Elementor
CVSS Score: 9.1
CVE-2024-25600 - Bricks Builder by Codeer Limited is vulnerable to Code Injection from versions n/a through 1.9.6.
Product: Codeer Limited Bricks Builder
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25600
NVD References:
- https://github.com/Chocapikk/CVE-2024-25600
- https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT
- https://patchstack.com/articles/critical-rce-patched-in-bricks-builder-theme?_s_id=cve
- https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6
CVE-2024-33560 - XStore is vulnerable to improper limitation of a pathname, allowing PHP local file inclusion from n/a through 9.3.8.
Product: 8theme XStore
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33560
NVD References: https://patchstack.com/database/vulnerability/xstore/wordpress-xstore-theme-9-3-5-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve
CVE-2024-34551 - Stockholm: from n/a through 9.6 is vulnerable to a Path Traversal issue allowing PHP Local File Inclusion.
Product: Select-Themes Stockholm
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34551
CVE-2024-34792 - Dextaz Ping from n/a through 0.65 allows Command Injection due to improper neutralization of special elements in a command.
Product: Dexta Dextaz Ping
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34792
NVD References: https://patchstack.com/database/vulnerability/dextaz-ping/wordpress-dextaz-ping-plugin-0-65-remote-code-execution-rce-vulnerability?_s_id=cve
CVE-2024-35629 - Wow-Company Easy Digital Downloads – Recent Purchases is vulnerable to PHP Remote File Inclusion due to improper control of filename for include/require statement.
Product: Wow-Company Easy Digital Downloads – Recent Purchases
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35629
CVE-2024-35700 - Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8.
Product: DeluxeThemes Userpro
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35700
NVD References: https://patchstack.com/database/vulnerability/userpro/wordpress-userpro-plugin-5-1-8-unauthenticated-account-takeover-vulnerability?_s_id=cve
CVE-2024-36400 - Nano-id is a unique string ID generator for Rust that incorrectly generated IDs with a reduced character set, leading to predictability and vulnerability in security-sensitive contexts.
Product: Nano-id
CVSS Score: 9.4
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36400
NVD References:
- https://github.com/viz-rs/nano-id/commit/a9022772b2f1ce38929b5b81eccc670ac9d3ab23
- https://github.com/viz-rs/nano-id/security/advisories/GHSA-9hc7-6w9r-wj94
CVE-2024-21683 - Confluence Data Center and Server version 5.2 is vulnerable to a high severity RCE (Remote Code Execution) issue with a CVSS Score of 8.3.
Product: Atlassian Confluence Data Center and Server
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21683
ISC Podcast: https://isc.sans.edu/podcastdetail/9008
CVE-2024-27842 - The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.
Product: macOS Sonoma
CVSS Score: N/A
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27842
ISC Diary: https://isc.sans.edu/diary/Apple+Patches+Everything+macOS+iOS+iPadOS+watchOS+tvOS+updated/30916/
ISC Podcast: https://isc.sans.edu/podcastdetail/8980
NVD References: https://support.apple.com/en-us/HT214106
CVE-2024-33560 - XStore is vulnerable to improper limitation of a pathname, allowing PHP local file inclusion from n/a through 9.3.8.
Product: 8theme XStore
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33560
NVD References: https://patchstack.com/database/vulnerability/xstore/wordpress-xstore-theme-9-3-5-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve
CVE-2024-34551 - Stockholm: from n/a through 9.6 is vulnerable to a Path Traversal issue allowing PHP Local File Inclusion.
CVE-2024-34792 - Dextaz Ping from n/a through 0.65 allows Command Injection due to improper neutralization of special elements in a command.
Product: Dexta Dextaz Ping
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34792
NVD References: https://patchstack.com/database/vulnerability/dextaz-ping/wordpress-dextaz-ping-plugin-0-65-remote-code-execution-rce-vulnerability?_s_id=cve
CVE-2024-35629 - Wow-Company Easy Digital Downloads – Recent Purchases is vulnerable to PHP Remote File Inclusion due to improper control of filename for include/require statement.
Product: Wow-Company Easy Digital Downloads – Recent Purchases
CVSS Score: 9.6
CVE-2024-35700 - Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8.
Product: DeluxeThemes Userpro
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-35700
NVD References: https://patchstack.com/database/vulnerability/userpro/wordpress-userpro-plugin-5-1-8-unauthenticated-account-takeover-vulnerability?_s_id=cve
CVE-2024-36400 - Nano-id is a unique string ID generator for Rust that incorrectly generated IDs with a reduced character set, leading to predictability and vulnerability in security-sensitive contexts.
Product: Nano-id
CVSS Score: 9.4
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36400
NVD References:
- https://github.com/viz-rs/nano-id/commit/a9022772b2f1ce38929b5b81eccc670ac9d3ab23
- https://github.com/viz-rs/nano-id/security/advisories/GHSA-9hc7-6w9r-wj94
CVE-2024-21683 - Confluence Data Center and Server version 5.2 is vulnerable to a high severity RCE (Remote Code Execution) issue with a CVSS Score of 8.3.
Product: Atlassian Confluence Data Center and Server
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21683
ISC Podcast: https://isc.sans.edu/podcastdetail/9008
CVE-2024-27842 - The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.
Product: macOS Sonoma
CVSS Score: N/A
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27842
ISC Diary: https://isc.sans.edu/diary/Apple+Patches+Everything+macOS+iOS+iPadOS+watchOS+tvOS+updated/30916/
ISC Podcast: https://isc.sans.edu/podcastdetail/8980
NVD References: https://support.apple.com/en-us/HT214106
Sponsors
Snyk
*********** Sponsored By SNYK Limited ***********Looking to enhance your application security reporting? Check out Snyk's latest resource Reporting AppSec Risk Up to Your CISO - a guide for you on risk prioritization, risk introduction and measuring your appsec program.Be proactive on risk reporting and gauge your CISO early on in your application development workflow!
Palo Alto Networks Cortex
Webcast: 2024 State of Security Automation Survey | June 25, 1:00 pm ET | Tune in to this discussion with Mark Orlando and Palo Alto's Jane Goh as they discuss the results of this survey - how SOC teams identify, prioritize and assess the efficiency of the SOAR use cases; and explore the ways AI might fill the gaps left by SOAR and remaining potential barriers. Also, Matt Bromiley will review the Cortex XSOAR platform.
Microsoft
Webcast: Secure your multi-cloud environment from code to cloud with Microsoft Defender CSPM | June 26, 10:30 am ET | Join Matt Bromiley and Tal Rosler of Microsoft as they unveil the latest security posture innovations in Microsoft Defender for Cloud.
HPE
Webcast: Is Access to Corporate Resources from any Device, Anywhere Truly Possible? | June 27, 1:00 pm ET| In today's digital landscape, the need for secure/seamless access to corporate resources from any device, anywhere is paramount. Join Dave Shackleford and HPE as they dive into the modern threats and security challenges that organizations face, and how solutions like SSE from HPE address these challenges.