Aggregator

Netlify раскрывает многомиллионную схему злоупотребления вычислительными ресурсами.

A vulnerability was found in Linux Kernel up to 6.1.119/6.6.63/6.11.10/6.12.1. It has been rated as problematic. This issue affects the function msg_init_ns of the component ipc. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-53175. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.10/6.12.1 and classified as critical. Affected by this issue is the function blk_mq_clear_flush_rq_mapping. The manipulation leads to use after free. This vulnerability is handled as CVE-2024-53170. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.61/6.11.8. Affected by this vulnerability is the function tls_sw_ctx_rx of the component bpf. The manipulation leads to memory corruption. This vulnerability is known as CVE-2024-53091. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in HP Linux Imaging and Printing Software and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2020-6923. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.173/6.1.119/6.6.65/6.12.4. Affected by this issue is the function hci_dma_irq_handler. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-45828. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.4. This issue affects the function cache_set_flush. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-48881. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Pydantic up to 1.10.12/2.3.x. This vulnerability affects unknown code of the component Email Handler. The manipulation leads to inefficient regular expression complexity. This vulnerability was named CVE-2024-3772. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apache Cassandra up to 4.0.14/4.1.7/5.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component RMI Registry. The manipulation leads to deserialization. This vulnerability is handled as CVE-2024-27137. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-45195 Apache OFBiz Forced Browsing Vulnerability
• CVE-2024-29059 Microsoft .NET Framework Information Disclosure Vulnerability
• CVE-2018-9276 Paessler PRTG Network Monitor OS Command Injection Vulnerability
• CVE-2018-19410 Paessler PRTG Network Monitor Local File Inclusion Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CISA—in partnership with international and U.S. organizations—released guidance to help organizations protect their network edge devices and appliances, such as firewalls, routers, virtual private networks (VPN) gateways, Internet of Things (IoT) devices, internet-facing servers, and internet-facing operational technology (OT) systems. The published guidance is as follows:

• “Security Considerations for Edge Devices,” led by the Canadian Centre for Cyber Security (CCCS), a part of the Communications Security Establishment Canada.
• “Digital Forensics Monitoring Specifications for Products of Network Devices and Applications,” led by the United Kingdom’s National Cyber Security Centre (NCSC-UK).
• “Mitigation Strategies for Edge Devices: Executive Guidance” and “Mitigation Strategies for Edge Devices: Practitioner Guidance,” two separate guides led by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).

Foreign adversaries routinely exploit software vulnerabilities in network edge devices to infiltrate critical infrastructure networks and systems. The damage can be expensive, time-consuming, and reputationally catastrophic for public and private sector organizations. These guidance documents detail various considerations and strategies for a more secure and resilient network both before and after a compromise.

CISA and partner agencies urge device manufacturers and critical infrastructure owners and operators to review and implement the recommended actions and mitigations in the publications. Device manufacturers, please visit CISA’s Secure by Design page for more information on how to align development processes with the goal of reducing the prevalence of vulnerabilities in devices. Critical infrastructure owners and operators, please see Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products for guidance on procuring secure products.

CISA released nine Industrial Control Systems (ICS) advisories on February 4, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-035-01 Western Telematic Inc NPS Series, DSM Series, CPM Series
• ICSA-25-035-02 Rockwell Automation 1756-L8zS3 and 1756-L3zS3
• ICSA-25-035-03 Elber Communications Equipment
• ICSA-25-035-04 Schneider Electric Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC
• ICSA-25-035-05 Schneider Electric Web Designer for Modicon
• ICSA-25-035-06 Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H
• ICSA-25-035-07 Schneider Electric Pro-face GP-Pro EX and Remote HMI
• ICSA-25-035-08 AutomationDirect C-more EA9 HMI
• ICSA-23-299-03 Ashlar-Vellum Cobalt, Graphite, Xenon, Argon, Lithium (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets

A vulnerability classified as problematic has been found in Mattermost up to 9.11.5/10.0.3/10.1.3/10.2.0/10.3.0. Affected is an unknown function. The manipulation leads to improper validation of specified type of input. This vulnerability is traded as CVE-2025-20033. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Mattermost up to 10.2.x. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to improper check for unusual conditions. This vulnerability is known as CVE-2025-22445. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Mattermost up to 9.11.5. Affected by this issue is some unknown functionality. The manipulation of the argument allow_open_invite leads to incorrect authorization. This vulnerability is handled as CVE-2025-22449. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in OpenFGA up to 1.8.2. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to improper authorization. This vulnerability was named CVE-2024-56323. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in notaryproject notation-go up to 1.3.0-rc.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to improper check for certificate revocation. This vulnerability is traded as CVE-2024-56138. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Mattermost up to 2.23.0/9.11.5/10.0.3/10.1.3/10.2.0. This vulnerability affects unknown code. The manipulation leads to improper validation of specified type of input. This vulnerability was named CVE-2025-20621. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ARM Cortex-A72, Cortex-A73 and Cortex-A75. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-10929. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.