CVE-2024-6327

Progress Software Corporation Telerik Report Server
24 Jul 2024
Published
25 Jul 2024
Updated
CVSS v3.1
CRITICAL (9.9)
EPSS
0.04%
  • 4 Posts
  • 7 Interactions

CVE Info

In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code execution attack is possible through an insecure deserialization vulnerability.
MITRE
NVD

Fediverse

Profile picture
Patrick C Miller :donor:@patrickcmiller

Progress Software fixed critical RCE CVE-2024-6327 in the Telerik Report Server securityaffairs.com/166168/sec

  • 0
  • 0
  • 5 hours ago
Profile picture
CODE WHITE GmbH@codewhitesec

Another product, another deserialization vulnerability, another RCE from @mwulftange: Patch your Telerik Report Server (CVE-2024-6327 & CVE-2024-6096) code-white.com/public-vulnerab

  • 3
  • 3
  • 8 hours ago
Profile picture
Patch NOW !!@patchnow24x7

CVE-2024-6327 :: CVSS Score 9.9 :: Upgrade Progress' Telerik Server NOW !!

Advisory Link:

docs.telerik.com/report-server

Steps to Upgrade:

docs.telerik.com/report-server

Update Release Notes:

telerik.com/support/whats-new/.


  • 1
  • 0
  • 21 hours ago
Profile picture
Jeff Hall - PCIGuru :verified:@jbhall56

The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. thehackernews.com/2024/07/crit

  • 0
  • 0
  • 17 hours ago

CVE-2023-45249

Acronis Cyber Infrastructure
24 Jul 2024
Published
26 Jul 2024
Updated
CVSS v3.0
CRITICAL (9.8)
EPSS
0.04%
  • 2 Posts
  • 4 Interactions

CVE Info

Remote command execution due to use of default passwords. The following products are affected: Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, Acronis Cyber Infrastructure (ACI) before build 5.1.1-71, Acronis Cyber Infrastructure (ACI) before build 5.2.1-69, Acronis Cyber Infrastructure (ACI) before build 5.3.1-53, Acronis Cyber Infrastructure (ACI) before build 5.4.4-132.
MITRE
NVD

Fediverse

Profile picture
Not Simon 🐐@screaminggoat

Acronis security advisory: Acronis Cyber Infrastructure 5.4 update 4.2
CVE-2023-45249 (9.8 critical, disclosed 24 July 2024 by Acronis) Remote command execution due to use of default passwords

This vulnerability is known to be exploited in the wild.

h/t: @serghei. See related Bleeping Computer reporting: Acronis warns of Cyber Infrastructure default password abused in attacks

  • 1
  • 2
  • 12 hours ago
Profile picture
Patch NOW !!@patchnow24x7

Critical : CVE-2023-45249 :: CVSS 9.8 :: Remote Code Execution vulnerability in Acronis Cyber Infrastructure(ACI) tool.

This vulnerability is being exploited in-the-wild !!

Advisory Link:

security-advisory.acronis.com/

  • 0
  • 1
  • 1 hours ago

CVE-2024-6922

Automationanywhere Automation 360
26 Jul 2024
Published
26 Jul 2024
Updated
CVSS v4.0
MEDIUM (6.9)
EPSS
Pending
  • 2 Posts
  • 10 Interactions

CVE Info

Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web API component. An attacker with unauthenticated access to the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can trigger arbitrary web requests from the server.
MITRE
NVD

Fediverse

Profile picture
Caitlin Condon@catc0n

Congrats to @fuzz on his first Rapid7 vulnerability disclosure! CVE-2024-6922 is an unauthenticated SSRF in Automation 360. It's fixed in v33 onward, with thanks to the vendor for their prompt investigation and coordinated disclosure!
rapid7.com/blog/post/2024/07/2

  • 2
  • 7
  • 12 hours ago
Profile picture
Not Simon 🐐@screaminggoat

Rapid7: CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery
Rapid7 reports that Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF) tracked as CVE-2024-6922 (6.9 medium). Automation 360 Robotic Process Automation is allegedly used by many private-sector businesses and government agencies. Rapid7 states that “These requests can be used to target internal network services that are not otherwise reachable… For example, unauthenticated attackers can direct Automation 360 to perform arbitrary POST web requests to the back end web services behind Traefik, the Elastic API, and internal Windows web APIs”

  • 0
  • 1
  • 14 hours ago

CVE-2024-27867

Apple AirPods Firmware Update A, AirPods Firmware Update F, and Beats Firmware Update F
26 Jun 2024
Published
26 Jun 2024
Updated
CVSS
Pending
EPSS
0.04%
  • 1 Post

CVE Info

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.
MITRE
NVD

Fediverse

Profile picture
lj·rk@ljrk

@bamboombibbitybop @mjg59 They sound much better when using CVE-2024-27867 to listen to music unencrypted!

  • 0
  • 0
  • last hour

CVE-2024-27829

Apple macOS
13 May 2024
Published
13 May 2024
Updated
CVSS
Pending
EPSS
0.04%
  • 1 Post

CVE Info

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5. Processing a file may lead to unexpected app termination or arbitrary code execution.
MITRE
NVD

Fediverse

Profile picture
Zero Day Initiative@thezdi

[ZDI-24-965|CVE-2024-27829] Apple macOS VideoToolbox Out-Of-Bounds Write Remote Code Execution Vulnerability (CVSS 8.8; Credit: Pwn2car) zerodayinitiative.com/advisori

  • 0
  • 0
  • 9 hours ago

CVE-1999-0184

Pending
29 Sept 1999
Published
17 Aug 2022
Updated
CVSS
Pending
EPSS
0.70%
  • 1 Post

CVE Info

When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records.
MITRE
NVD

Fediverse

Profile picture
mort666@mort666

@Sempf They should be used to it by now, given they have been dealing with CVE's for Bind since CVE-1999-0184.. And they have had quite a lot...

#dns

  • 0
  • 0
  • 4 hours ago

CVE-2024-42029

Pending
27 Jul 2024
Published
27 Jul 2024
Updated
CVSS
Pending
EPSS
Pending
  • 1 Post

CVE Info

xdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend for Hyprland) before 1.3.3 allows OS command execution, e.g., because single quotes are not used when sending a list of app IDs and titles via the environment.
MITRE
NVD

Fediverse

Profile picture
Wesley Bryie@wes

Quick follow up for XDPH/Hyprland users:

cve.org/CVERecord?id=CVE-2024-

  • 0
  • 0
  • 2 hours ago

CVE-2024-6096

Progress Software Corporation Telerik Reporting
24 Jul 2024
Published
25 Jul 2024
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.04%
  • 1 Post
  • 6 Interactions

CVE Info

In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability.
MITRE
NVD

Fediverse

Profile picture
CODE WHITE GmbH@codewhitesec

Another product, another deserialization vulnerability, another RCE from @mwulftange: Patch your Telerik Report Server (CVE-2024-6327 & CVE-2024-6096) code-white.com/public-vulnerab

  • 3
  • 3
  • 8 hours ago

CVE-2024-6387

Red Hat Enterprise Linux 9
01 Jul 2024
Published
22 Jul 2024
Updated
CVSS
Pending
EPSS
71.47%
  • 1 Post
  • 5 Interactions

CVE Info

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
MITRE
NVD

Fediverse

Profile picture
0xor0ne@0xor0ne

Great writeup as usual by Qualys on exploiting a signal handler race condition in OpenSSH

qualys.com/2024/07/01/cve-2024

  • 1
  • 4
  • 14 hours ago

CVE-2024-41110

moby
24 Jul 2024
Published
26 Jul 2024
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.04%
  • 1 Post
  • 1 Interaction

CVE Info

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low. Using a specially-crafted API request, an Engine API client could make the daemon forward the request or response to an authorization plugin without the body. In certain circumstances, the authorization plugin may allow a request which it would have otherwise denied if the body had been forwarded to it. A security issue was discovered In 2018, where an attacker could bypass AuthZ plugins using a specially crafted API request. This could lead to unauthorized actions, including privilege escalation. Although this issue was fixed in Docker Engine v18.09.1 in January 2019, the fix was not carried forward to later major versions, resulting in a regression. Anyone who depends on authorization plugins that introspect the request and/or response body to make access control decisions is potentially impacted. Docker EE v19.03.x and all versions of Mirantis Container Runtime are not vulnerable. docker-ce v27.1.1 containes patches to fix the vulnerability. Patches have also been merged into the master, 19.0, 20.0, 23.0, 24.0, 25.0, 26.0, and 26.1 release branches. If one is unable to upgrade immediately, avoid using AuthZ plugins and/or restrict access to the Docker API to trusted parties, following the principle of least privilege.
MITRE
NVD

Fediverse

Profile picture
benzogaga33 :mastodon:@benzogaga33

Une faille de sécurité vieille de 5 ans a été corrigée dans Docker ! it-connect.fr/docker-une-faill #ActuCybersécurité

  • 0
  • 1
  • 20 hours ago

CVE-2024-0760

ISC BIND 9
23 Jul 2024
Published
23 Jul 2024
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.05%
  • 1 Post

CVE Info

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.
MITRE
NVD

Fediverse

Profile picture
Jeff Hall - PCIGuru :verified:@jbhall56

The updates resolve a total of four high-severity bugs, tracked as CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076, all of which have a CVSS score of 7.5. securityweek.com/bind-updates-

  • 0
  • 0
  • 18 hours ago

CVE-2024-1975

ISC BIND 9
23 Jul 2024
Published
24 Jul 2024
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.05%
  • 1 Post

CVE Info

If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.
MITRE
NVD

Fediverse

Profile picture
Jeff Hall - PCIGuru :verified:@jbhall56

The updates resolve a total of four high-severity bugs, tracked as CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076, all of which have a CVSS score of 7.5. securityweek.com/bind-updates-

  • 0
  • 0
  • 18 hours ago

CVE-2024-4076

ISC BIND 9
23 Jul 2024
Published
24 Jul 2024
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.04%
  • 1 Post

CVE Info

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
MITRE
NVD

Fediverse

Profile picture
Jeff Hall - PCIGuru :verified:@jbhall56

The updates resolve a total of four high-severity bugs, tracked as CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076, all of which have a CVSS score of 7.5. securityweek.com/bind-updates-

  • 0
  • 0
  • 18 hours ago

CVE-2024-1737

ISC BIND 9
23 Jul 2024
Published
26 Jul 2024
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.05%
  • 1 Post

CVE Info

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
MITRE
NVD

Fediverse

Profile picture
Jeff Hall - PCIGuru :verified:@jbhall56

The updates resolve a total of four high-severity bugs, tracked as CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076, all of which have a CVSS score of 7.5. securityweek.com/bind-updates-

  • 0
  • 0
  • 18 hours ago