漏洞挖掘与复现
漏洞复现与挖掘
Aggregator
CVE-2024-11460 | Verowa Connect Plugin up to 3.0.1 on WordPress sql injection
1 year 4 months ago
A vulnerability was found in Verowa Connect Plugin up to 3.0.1 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2024-11460. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
Achieve Efficient Prioritization with Flashpoint’s Enriched Vulnerability Intelligence
1 year 4 months ago
Achieve Efficient Prioritization with Flashpoint’s Enriched Vulnerability Intelligence
CVE-2024-11292 | WP Private Content Plus Plugin up to 3.6.1 on WordPress information disclosure
1 year 4 months ago
A vulnerability was found in WP Private Content Plus Plugin up to 3.6.1 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure.
The identification of this vulnerability is CVE-2024-11292. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-11323 | AI Quiz Plugin up to 1.1 on WordPress Options Update authorization
1 year 4 months ago
A vulnerability has been found in AI Quiz Plugin up to 1.1 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Options Update Handler. The manipulation leads to missing authorization.
This vulnerability was named CVE-2024-11323. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-12155 | SV100 Companion Plugin up to 2.0.02 on WordPress Options Update authorization
1 year 4 months ago
A vulnerability, which was classified as problematic, was found in SV100 Companion Plugin up to 2.0.02 on WordPress. This affects an unknown part of the component Options Update Handler. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2024-12155. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-9705 | Ultimate Coming Soon & Maintenance Plugin up to 1.0.9 on WordPress Template Name authorization
1 year 4 months ago
A vulnerability, which was classified as problematic, has been found in Ultimate Coming Soon & Maintenance Plugin up to 1.0.9 on WordPress. Affected by this issue is some unknown functionality of the component Template Name Handler. The manipulation leads to missing authorization.
This vulnerability is handled as CVE-2024-9705. The attack may be launched remotely. There is no exploit available.
vuldb.com
Major USAID contractor Chemonics says 263,000 affected by 2023 data breach
1 year 4 months ago
Major USAID contractor Chemonics says 263,000 affected by 2023 data breach
CVE-2024-9706 | Ultimate Coming Soon & Maintenance Plugin up to 1.0.9 on WordPress Template authorization
1 year 4 months ago
A vulnerability classified as critical was found in Ultimate Coming Soon & Maintenance Plugin up to 1.0.9 on WordPress. Affected by this vulnerability is an unknown functionality of the component Template Handler. The manipulation leads to missing authorization.
This vulnerability is known as CVE-2024-9706. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-12110 | Gold Addons for Elementor Plugin up to 1.3.2 on WordPress Activation authorization
1 year 4 months ago
A vulnerability classified as problematic has been found in Gold Addons for Elementor Plugin up to 1.3.2 on WordPress. Affected is an unknown function of the component Activation Handler. The manipulation leads to missing authorization.
This vulnerability is traded as CVE-2024-12110. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
New infosec products of the week: December 6, 2024
1 year 4 months ago
Here’s a look at the most interesting products from the past week, featuring releases from Datadog, Fortinet, Radiant Logic, Sweet Security, Tenable, and Veza. FortiAppSec Cloud simplifies web application security management With FortiAppSec Cloud, customers have deep visibility and control over web applications within their complex, multi-cloud environments. They can configure and manage security features and performance tools via an easy-to-use console, streamlining business operations while ensuring the protection of their network. Tenable Patch Management … More →
The post New infosec products of the week: December 6, 2024 appeared first on Help Net Security.
Help Net Security
CVE-2024-12028 | Friends Plugin up to 3.2.1 on WordPress authorization
1 year 4 months ago
A vulnerability was found in Friends Plugin up to 3.2.1 on WordPress. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to missing authorization.
The identification of this vulnerability is CVE-2024-12028. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-12027 | Message Filter for Contact Form Plugin up to 1.6.3 on WordPress authorization
1 year 4 months ago
A vulnerability was found in Message Filter for Contact Form Plugin up to 1.6.3 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Filter Handler. The manipulation leads to missing authorization.
This vulnerability was named CVE-2024-12027. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-10909 | Pojo Forms Plugin up to 1.4.7 on WordPress Shortcode form_preview_shortcode Privilege Escalation
1 year 4 months ago
A vulnerability was found in Pojo Forms Plugin up to 1.4.7 on WordPress. It has been classified as critical. This affects the function form_preview_shortcode of the component Shortcode Handler. The manipulation leads to Privilege Escalation.
This vulnerability is uniquely identified as CVE-2024-10909. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
DEF CON 32 – Bug Hunting In VMware Device Virtualization
1 year 4 months ago
DEF CON 32 – Bug Hunting In VMware Device Virtualization
伏特加制造商 Stoli 因勒索软件攻击申请破产
1 year 4 months ago
Stoli 集团的美国公司在 8 月份遭遇勒索软件攻击后申请破产,俄罗斯当局查封了该公司在该国的剩余酿酒厂。Stoli 集团的两家子公司 Stoli USA 和 Kentucky Owl 的总裁兼全球首席执行官在最近的一份文件中表示,这是因为 8 月份的攻击严重破坏了其 IT 系统(包括企业资源规划 (ERP))之后发生的。此次网络攻击还迫使整个集团进行手动操作,影响了会计等关键流程,预计要到 2025 年初才能完全恢复。
Caldwell 表示:“2024 年 8 月,Stoli 集团的 IT 基础设施因数据泄露和勒索软件攻击而遭受严重破坏。” 由于 Stoli 集团的企业资源规划 (ERP) 系统被禁用,并且 Stoli 集团的大部分内部流程(包括会计职能)被强制,此次攻击给 Stoli 集团内的所有公司(包括 Stoli USA 和 KO)造成了严重的运营问题。
这一事件还导致 Stoli 美国子公司无法向两家公司拖欠 7800 万美元债务的贷款人提供财务报告。2024 年 7 月,该集团在俄罗斯仅存的最后资产——两家价值 1 亿美元的酿酒厂也因 Stoli 集团及其创始人 Yuri Shefler 被认定为“极端分子”而被没收。
此外,Stoli 集团还花费了数千万美元与俄罗斯国有企业 FKP Sojuzplodoimport 就 Stolichnaya 和 Moskovskaya 伏特加商标权进行了长达 23 年的长期法庭诉讼,涉及多个司法管辖区,其中包括美国。
这场法律斗争源于 2000 年 3 月总统普京的一项行政命令,旨在“恢复和保护国家对伏特加商标的权利”,这些商标的权利在 20 世纪 90 年代被私营公司购买。该公司创始人谢夫勒也因批评普京政权而受到出于政治动机和“捏造”的指控,于 2002 年被迫逃离俄罗斯。
胡金鱼
警方查获Matrix 加密聊天服务
1 year 4 months ago
代号为“Operation Passionflower”的国际执法行动已经关闭了 MATRIX,这是一个加密消息平台,网络犯罪分子利用该平台协调非法活动,同时逃避警方追捕。
MATRIX 与同名的安全开源、去中心化、实时通信协议是不同的实体,继续使用是完全合法的。该行动在欧洲各地进行,包括法国、荷兰、意大利、立陶宛、西班牙和德国,并由欧洲刑警组织和欧洲司法组织协调。
犯罪推动者
警方在找到一名 2021 年 7 月试图暗杀记者的枪手的手机后,顺藤摸瓜找到了 MATRIX。在分析手机后,他们发现该手机经过定制,可以连接到名为 Matrix 的加密消息服务。
荷兰和法国当局之间的联合调查小组 (JIT) 允许警方监控和拦截通过这些设备发送的 33 种不同语言的 230 万条消息。但是,没有提供有关如何做到这一点的技术细节。
“三个月来,当局能够监控可能犯罪分子的信息,这些信息现在将用于支持其他调查。”欧洲刑警组织发布了一份声明。
在欧洲司法组织和欧洲刑警组织支持的协调行动中,荷兰和法国当局关闭了该消息服务,意大利、立陶宛和西班牙当局采取了后续行动。
MATRIX 遍布欧洲的 40 台服务器促进了至少 8,000 个用户帐户的通信,这些用户帐户支付了 1350 至 1700 美元的加密货币购买基于 Google Pixel 的设备以及手机上安装的服务的六个月订阅。
MATRIX 还以“Mactrix”、“Totalsec”、“X-quantum”和“Q-safe”等名称出售,但它们都使用相同的基础设施。 MATRIX 还提供加密视频通话、跟踪交易和匿名浏览互联网的功能。
扣押和逮捕
本周,执法部门在四个国家同时进行了突袭和搜查,导致法国和德国的 40 台服务器被关闭,西班牙和法国的 5 名嫌疑人被捕。
其中一名被捕者是一名 52 岁的立陶宛男子,他被怀疑是 MATRIX 的所有者和主要运营商。当局还查获了 970 部加密手机、152,500 美元现金、525,000 美元加密货币以及四辆汽车。 MATRIX 网站上张贴的查封横幅警告该服务的用户他们的通信已被暴露,调查将继续进行。
扣押通知
荷兰警方在另一份公告中指出,任何出于隐私和匿名目的而选择该服务且未参与犯罪活动的 MATRIX 用户应发送电子邮件请求豁免调查。尽管 MATRIX 的运营商技术先进,并且相信它优于之前被拆除的加密电话服务,但 MATRIX 仍被拆除。
然而,之前取缔类似加密电话服务(如 Ghost、EncroChat、Exclu 和 Sky ECC)的执法行动表明,一旦执法部门了解其基础设施,他们就可以通过监控截获的消息或通过查获的信息来收集犯罪行为的重要证据。这些证据导致数千名毒贩、武器经销商、有组织犯罪分子、杀人犯和洗钱犯被捕。
胡金鱼
CVE-2024-53457 | LibreNMS up to 24.9.0/24.10.0 Device Settings Section Display Name cross site scripting
1 year 4 months ago
A vulnerability was found in LibreNMS up to 24.9.0/24.10.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Device Settings Section. The manipulation of the argument Display Name leads to cross site scripting.
This vulnerability is handled as CVE-2024-53457. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-6219 | Canonical LXD up to 5.21.0 PKI Mode certificate validation (GHSA-jpmc-7p9c-4rxf)
1 year 4 months ago
A vulnerability has been found in Canonical LXD up to 5.21.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component PKI Mode. The manipulation leads to improper certificate validation.
This vulnerability is known as CVE-2024-6219. Local access is required to approach this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-6156 | Canonical LXD up to 5.21.1 PKI Mode certificate validation (GHSA-4c49-9fpc-hc3v)
1 year 4 months ago
A vulnerability, which was classified as critical, was found in Canonical LXD up to 5.21.1. Affected is an unknown function of the component PKI Mode. The manipulation leads to improper certificate validation.
This vulnerability is traded as CVE-2024-6156. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com