This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft PC Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8.
Monthly Archives: December 2024
ZDI-24-1695: Ivanti Avalanche FileStoreConfig Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-37373.
[KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
Posted by Egidio Romano on Dec 16
—————————————————————————
GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
—————————————————————————
[-] Software Links:
https://gfi.ai/products-and-solutions/network-security-solutions/keriocontrol
http://download.kerio.com
[-] Affected Versions:
All versions from 9.2.5 to 9.4.5.
[-] Vulnerabilities Description:…
RansomLordNG – anti-ransomware exploit tool
Posted by malvuln on Dec 16
This next generation version dumps process memory of the targeted
Malware prior to termination. The process memory dump file MalDump.dmp
varies in size and can be 50 MB plus. RansomLord now intercepts and
terminates ransomware from 54 different threat groups, adding GPCode,
DarkRace, Snocry, Hydra and Sage to the ever growing victim list.
Lang: C
SHA256: fcb259471a4a7afa938e3aa119bdff25620ae83f128c8c7d39266f410a7ec9aa
RansomLordNG leverages code…
Cleo Multiple Products Unrestricted File Upload Vulnerability (CVE-2024-50623)
What is the Vulnerability?
An unrestricted file upload and download vulnerability (CVE-2024-50623) that could lead to remote code execution, affecting multiple Cleo products, is being actively exploited in the wild. The vulnerability affects the following Cleo products (versions before and including 5.8.0.21):
- Cleo Harmony
- Cleo VLTrader
- Cleo LexiCom
Cleo is a software company focused on Managed File Transfer (MFT) solutions. Its products, Cleo VLTrader, Cleo Harmony, and Cleo LexiCom, facilitate secure file transfers and B2B integration, and streamline data exchange and integration.
On December 13, 2024, CISA confirmed that CVE-2024-50623 is being actively exploited, including in ransomware campaigns, and has been added to the Known Exploited Vulnerabilities (KEV) catalog.
What is the recommended Mitigation?
FortiGuard Labs strongly advises all Cleo customers to immediately upgrade instances of Harmony, VLTrader, and LexiCom to the latest released patch and follow: Cleo Product Security Advisory – CVE-2024-50623 – Cleo
What FortiGuard Coverage is available?
FortiGuard recommends that users apply the fix provided by the vendor and follow the instructions in the vendor’s advisory. FortiGuard Web Filtering service blocks all the known Indicators of Compromise (IoCs) related to the campaigns targeting the Cleo vulnerability. FortiGuard IPS protection coverage is under review, and this report will be updated as new coverage becomes available.
The FortiGuard Incident Response team can be engaged to help with any suspected compromise.
DSA-5833-1 dpdk – security update
A buffer overflow was discovered in the vhost code of DPDK, a set of
libraries for fast packet processing, which could result in denial of
service or the execution of arbitrary code by malicious
guests/containers.
USN-7163-1: Linux kernel vulnerability
A security issue was discovered in the Linux kernel.
An attacker could possibly use this to compromise the system.
This update corrects flaws in the following subsystem:
– Network traffic control;
CISA and EPA Warn of Cyber Risks to Water System Interfaces
CISA and EPA have published guidance for operators of water and wastewater systems to protect against cyber-attacks.
Deloitte Alerts Rhode Island to Significant Data Breach in RIBridges System
Rhode Island’s RIBridges system has suffered a major data breach, potentially exposing personal information, with Deloitte confirming the presence of malicious software.
sympa-6.2.74-1.el10_0
FEDORA-EPEL-2024-5b320e416d
Packages in this update:
sympa-6.2.74-1.el10_0
Update description:
Update to 6.2.74, fix for CVE-2024-55919
Full changelog: https://github.com/sympa-community/sympa/releases/tag/6.2.74