News

• Qantas App Glitch Sees Boarding Passes Fly To Other Accounts
• Adobe Adds Content Credentials And Firefly To Bug Bounty Program
• Google Boosts Bug Bounty Payouts Tenfold In Mobile App Security Push
• London Drugs Pharmacy Closes All Stores To Respond To Cyber Incident
• China's Attacks On Critical Infrastructure Tip Of Iceberg
• Defending Infrastructure, Securing Systems Key To CISA's New AI Guidelines
• Apple's Incredibly Private Safari Is Not So Private In Europe
• Hacker Jailed For Blackmailing Therapy Patients
• UK Outlaws Awful Default Passwords On Connected Devices
• Vulnerability In R Programming Language Could Fuel Supply Chain Attacks
• FCC Fines Wireless Carriers For Sharing User Locations Without Consent
• OpenAI's ChatGPT Targeted In Austrian Privacy Complaint
• Okta Warns Of Credential Stuffing Attacks Using Tor, Residential Proxies
• Watchdog Reveals Google Privacy Sandbox Worries
• Meta To Face EU Probe For Not Doing Enough To Stop Russian Disinformation
• Ten Years Of Heartbleed: Lessons Learned
• Kaiser Permanente Notifies 13.4M Patients Of Data Exposure
• Powerful Brokewell Android Trojan Allows Device Takeover
• Over 1,400 CrushFTP Instances Vulnerable To Exploited 0-Day
• Millions Of IPs Remain Infected By USB Worm Years After Its Creators Left It For Dead
• 750 Million Vulnerable To Snooping From Chinese Keyboard Apps
• Nation-State Hackers Exploit Cisco Firewall Zero Days To Backdoor Government Networks
• FTC Sending $5.6 Million To Ring Customers Over Security Failures
• Palo Alto Networks Shares Remediation Advice
• Russia, Iran Pose Most Aggressive Threat To 2024 Election

Exploits

• Packet Storm New Exploits For April, 2024
• Online Tours And Travels Management System 1.0 SQL Injection
• Windows PspBuildCreateProcessContext Double-Fetch / Buffer Overflow
• Windows NtQueryInformationThread Double-Fetch / Arbitrary Write
• undefinedExploiting The NT Kernel In 24H2undefined
• osCommerce 4 Cross Site Scripting
• Kemp LoadMaster Unauthenticated Command Injection
• Doctor Appointment Management System 1.0 Cross Site Scripting
• ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path
• PowerVR PMRMMapPMR() Writability Check
• Apache Solr Backup/Restore API Remote Code Execution
• Relate Learning And Teaching System SSTI / Remote Code Execution
• Nginx 1.25.5 Host Header Validation
• FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution
• GitLens Git Local Configuration Execution
• Visual Studio Code Execution
• Gambio Online Webshop 4.9.2.0 Remote Code Execution
• Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
• Palo Alto PAN-OS Command Execution / Arbitrary File Creation
• LRMS PHP 1.0 SQL Injection / Shell Upload
• Dreamehome 2.1.5 Broken Authorization
• SofaWiki 3.9.2 Shell Upload
• Laravel Framework 11 Credential Disclosure
• FlatPress 1.3 Shell Upload
• MindManager Local Privilege Escalation

• [webapps] Flowise 1.6.5 - Authentication Bypass
• [webapps] Laravel Framework 11 - Credential Leakage
• [webapps] SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)
• [webapps] Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution
• [webapps] FlatPress v1.3 - Remote Command Execution
• [remote] Palo Alto PAN-OS < v11.1.2-h3 - Command Injection and Arbitrary File Creation
• [webapps] OpenClinic GA 5.247.01 - Path Traversal (Authenticated)
• [webapps] OpenClinic GA 5.247.01 - Information Disclosure
• [webapps] Jenkins 2.441 - Local File Inclusion
• [webapps] djangorestframework-simplejwt 5.3.1 - Information Disclosure
• [webapps] BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE
• [webapps] Stock Management System v1.0 - Unauthenticated SQL Injection
• [webapps] Online Fire Reporting System OFRS - SQL Injection Authentication Bypass
• [webapps] Savsoft Quiz v6.0 Enterprise - Stored XSS
• [webapps] Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)
• [webapps] WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)
• [webapps] WBCE 1.6.0 - Unauthenticated SQL injection
• [webapps] Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - "sort" parameter
• [local] PrusaSlicer 2.6.1 - Arbitrary code execution
• [webapps] PopojiCMS Version 2.0.1 - Remote Command Execution
• [webapps] Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)
• [webapps] HTMLy Version v2.9.6 - Stored XSS
• [webapps] Ray OS v2.6.3 - Command Injection RCE(Unauthorized)
• [local] Terratec dmx_6fire USB - Unquoted Service Path
• [remote] MinIO < 2024-01-31T20-20-33Z - Privilege Escalation
• [webapps] GUnet OpenEclass E-learning platform 3.15 - 'certbadge.php' Unrestricted File Upload
• [webapps] Open Source Medicine Ordering System v1.0 - SQLi
• [webapps] Daily Expense Manager 1.0 - 'term' SQLi
• [webapps] Best Student Result Management System v1.0 - Multiple SQLi
• [webapps] Human Resource Management System v1.0 - Multiple SQLi
• [remote] Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass
• [webapps] Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload
• [local] AnyDesk 7.0.15 - Unquoted Service Path
• [webapps] Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting (XSS)
• [webapps] Computer Laboratory Management System v1.0 - Multiple-SQLi
• [local] ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path
• [webapps] Axigen < 10.5.7 - Persistent Cross-Site Scripting
• [webapps] Gibbon LMS v26.0.00 - SSTI vulnerability
• [webapps] Casdoor < v1.331.0 - '/api/set-password' CSRF
• [local] Microsoft Windows Defender - Detection Mitigation Bypass TrojanWin32Powessere.G
• [webapps] Wordpress Plugin - Membership For WooCommerce < v2.1.7 - Arbitrary File Upload to Shell (Unauthenticated)
• [webapps] Smart School 6.4.1 - SQL Injection
• [webapps] CE Phoenix v1.0.8.20 - Remote Code Execution
• [webapps] Elementor Website Builder < 3.12.2 - Admin+ SQLi
• [webapps] Blood Bank v1.0 - Stored Cross Site Scripting (XSS)
• [webapps] Daily Habit Tracker 1.0 - Broken Access Control

Last 20 Website Defacements - Zone-h

Advisories

• Ubuntu Security Notice USN-6760-1 Wed, 01 May 2024 15:30:42 GMT
  Ubuntu Security Notice 6760-1 - George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did not properly initialize a data structure when parsing certain nested RS-274X format files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.
• Kernel Live Patch Security Notice LSN-0103-1 Wed, 01 May 2024 15:28:41 GMT
  Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
• Microsoft PlayReady Cryptography Weakness Wed, 01 May 2024 15:27:14 GMT
  There is yet another attack possible against Protected Media Path process beyond the one involving two global XOR keys. The new attack may also result in the extraction of a plaintext content key value.
• Red Hat Security Advisory 2024-2639-03 Wed, 01 May 2024 15:15:17 GMT
  Red Hat Security Advisory 2024-2639-03 - The Migration Toolkit for Containers 1.7.15 is now available.
• Red Hat Security Advisory 2024-2633-03 Wed, 01 May 2024 15:15:09 GMT
  Red Hat Security Advisory 2024-2633-03 - Updated container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog.
• Red Hat Security Advisory 2024-2631-03 Wed, 01 May 2024 15:15:02 GMT
  Red Hat Security Advisory 2024-2631-03 - An update is now available for Red Hat Ceph Storage 6.1 in the Red Hat Ecosystem Catalog.
• Red Hat Security Advisory 2024-2628-03 Wed, 01 May 2024 15:14:54 GMT
  Red Hat Security Advisory 2024-2628-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
• Red Hat Security Advisory 2024-2627-03 Wed, 01 May 2024 15:14:44 GMT
  Red Hat Security Advisory 2024-2627-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
• Red Hat Security Advisory 2024-2625-03 Wed, 01 May 2024 15:14:37 GMT
  Red Hat Security Advisory 2024-2625-03 - An update for rhc-worker-script is now available for Red Hat Enterprise Linux 7. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2024-2624-03 Wed, 01 May 2024 15:14:30 GMT
  Red Hat Security Advisory 2024-2624-03 - Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service.
• Red Hat Security Advisory 2024-2621-03 Wed, 01 May 2024 15:14:18 GMT
  Red Hat Security Advisory 2024-2621-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
• Red Hat Security Advisory 2024-2619-03 Wed, 01 May 2024 15:14:09 GMT
  Red Hat Security Advisory 2024-2619-03 - An update for rh-mysql80-mysql is now available for Red Hat Software Collections.
• Red Hat Security Advisory 2024-2616-03 Wed, 01 May 2024 15:13:58 GMT
  Red Hat Security Advisory 2024-2616-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.
• Red Hat Security Advisory 2024-2587-03 Wed, 01 May 2024 15:13:46 GMT
  Red Hat Security Advisory 2024-2587-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
• Red Hat Security Advisory 2024-2586-03 Wed, 01 May 2024 15:13:39 GMT
  Red Hat Security Advisory 2024-2586-03 - An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
• Red Hat Security Advisory 2024-2585-03 Wed, 01 May 2024 15:13:31 GMT
  Red Hat Security Advisory 2024-2585-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
• Red Hat Security Advisory 2024-2584-03 Wed, 01 May 2024 15:13:25 GMT
  Red Hat Security Advisory 2024-2584-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2024-2583-03 Wed, 01 May 2024 15:13:06 GMT
  Red Hat Security Advisory 2024-2583-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
• Red Hat Security Advisory 2024-2582-03 Wed, 01 May 2024 15:12:57 GMT
  Red Hat Security Advisory 2024-2582-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
• Red Hat Security Advisory 2024-2581-03 Wed, 01 May 2024 15:10:43 GMT
  Red Hat Security Advisory 2024-2581-03 - An update for pcs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2024-2580-03 Wed, 01 May 2024 15:10:36 GMT
  Red Hat Security Advisory 2024-2580-03 - An update for yajl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a memory leak vulnerability.
• Red Hat Security Advisory 2024-2577-03 Wed, 01 May 2024 15:10:25 GMT
  Red Hat Security Advisory 2024-2577-03 - An update for shadow-utils is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
• Red Hat Security Advisory 2024-2575-03 Wed, 01 May 2024 15:09:43 GMT
  Red Hat Security Advisory 2024-2575-03 - An update for expat is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
• Red Hat Security Advisory 2024-2571-03 Wed, 01 May 2024 15:09:35 GMT
  Red Hat Security Advisory 2024-2571-03 - An update for sssd is now available for Red Hat Enterprise Linux 9.
• Red Hat Security Advisory 2024-2570-03 Wed, 01 May 2024 15:09:26 GMT
  Red Hat Security Advisory 2024-2570-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9. Issues addressed include an information leakage vulnerability.