SecuriTricks - 2024-05-23

Title	Published	Tags	Description	Number of indicators
Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea	May 24, 2024, 8:21 a.m.	malware apt espionage 2024-05-23 .net dustyexfiltool 2024-05-24 unfading sea haze silentgh0st translucentgh0st sharpjshandler	An investigation by Bitdefender Labs uncovered a previously unidentified cyber threat actor called Unfading Sea Haze. This group …	47
Operation Specter: An Active Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia	May 23, 2024, 3:06 p.m.	cyberespionage 2024-05-23 CVE-2021-34473 gh0st rat moudoor mydoor tunnelspecter email-exfiltration sweetspecter embassies backdoors CVE-2021-26855 geopolitics	An analysis reveals long-term espionage operations by a Chinese advanced persistent threat (APT) group against at least seven gov…	28
New ransomware group abusing BitLocker	May 23, 2024, 2:49 p.m.	ransomware exfiltration encryption 2024-05-23 bitlocker trojan-ransom.vbs.bitlock.gen trojan.vbs.sagent.gen trojan.win32.generic partitions	The report examines an incident where threat actors leveraged Microsoft's BitLocker encryption utility to deploy unauthorized fil…	6
Sharp Dragon Expands Towards Africa and The Caribbean	May 23, 2024, 2:17 p.m.	espionage cobalt strike beacon government cyber 2024-05-23 CVE-2023-0669 expansion caribbean targeting africa	Check Point Research has observed a significant shift in the activities and lures of Sharp Dragon, a Chinese threat actor, now ta…	38
New Hijack Loader Variant: Uses Process Hollowing, Has Enhanced Anti-Evasion Capabilities	May 23, 2024, 1:50 p.m.	loader rhadamanthys 2024-05-23 api hooking hijackloader hijack loader yara tracker suricata loader variant has enhanced png image user account april		9

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-5168	9.8	May 23, 2024, 1:15 p.m.	Prodys Quantum Audio codec	CWE-284 cve-coordination@incibe.es 2024-05-23 CVE-2024-5168
CVE-2024-5084	9.8	May 23, 2024, 3:15 p.m.	Hash Form - Drag & Drop Form Builder plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-5084
CVE-2024-5296	9.8	May 23, 2024, 10:15 p.m.	D-Link D-View	zdi-disclosures@trendmicro.com CWE-321 2024-05-23 CVE-2024-5296
CVE-2024-4662	8.8	May 23, 2024, 5:15 a.m.	Oxygen Builder plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4662
CVE-2024-35186	8.8	May 23, 2024, 9:15 a.m.	gitoxide	security-advisories@github.com CWE-23 2024-05-23 CVE-2024-35186
CVE-2024-4779	8.8	May 23, 2024, 10:15 a.m.	Unlimited Elements For Elementor plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4779
CVE-2024-34060	8.8	May 23, 2024, 12:15 p.m.	IrisEVTXModule	security-advisories@github.com CWE-22 2024-05-23 CVE-2024-34060
CVE-2024-5201	8.8	May 23, 2024, 8:15 p.m.	OpenText Dimensions RM	security@opentext.com CWE-287 2024-05-23 CVE-2024-5201
CVE-2024-5246	8.8	May 23, 2024, 10:15 p.m.	NETGEAR ProSAFE Network Management System	zdi-disclosures@trendmicro.com 2024-05-23 CVE-2024-5246
CVE-2024-5247	8.8	May 23, 2024, 10:15 p.m.	NETGEAR ProSAFE Network Management System	zdi-disclosures@trendmicro.com CWE-434 2024-05-23 CVE-2024-5247
CVE-2024-5291	8.8	May 23, 2024, 10:15 p.m.	D-Link DIR-2150 routers	zdi-disclosures@trendmicro.com CWE-78 2024-05-23 CVE-2024-5291
CVE-2024-5293	8.8	May 23, 2024, 10:15 p.m.	D-Link DIR-2640	zdi-disclosures@trendmicro.com CWE-121 2024-05-23 CVE-2024-5293
CVE-2024-5295	8.8	May 23, 2024, 10:15 p.m.	D-Link G416 Wireless Router	zdi-disclosures@trendmicro.com CWE-78 2024-05-23 CVE-2024-5295
CVE-2024-5297	8.8	May 23, 2024, 10:15 p.m.	D-Link D-View	zdi-disclosures@trendmicro.com CWE-78 2024-05-23 CVE-2024-5297
CVE-2024-5298	8.8	May 23, 2024, 10:15 p.m.	D-Link D-View	zdi-disclosures@trendmicro.com CWE-749 2024-05-23 CVE-2024-5298
CVE-2024-5299	8.8	May 23, 2024, 10:15 p.m.	D-Link D-View	zdi-disclosures@trendmicro.com CWE-749 2024-05-23 CVE-2024-5299
CVE-2024-4978	8.4	May 23, 2024, 2:15 a.m.	Justice AV Solutions Viewer Setup	CWE-502 9119a7d8-5eab-497f-8521-727c672e3725 2024-05-23 CVE-2024-4978
CVE-2024-26139	8.3	May 23, 2024, 12:15 p.m.	OpenCTI	CWE-284 security-advisories@github.com 2024-05-23 CVE-2024-26139
CVE-2024-5085	8.1	May 23, 2024, 3:15 p.m.	Hash Form – Drag & Drop Form Builder plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-5085
CVE-2024-4835	8.0	May 23, 2024, 7:15 a.m.	GitLab	CWE-79 cve@gitlab.com 2024-05-23 CVE-2024-4835
CVE-2024-4471	8.0	May 23, 2024, 1:15 p.m.	140+ Widgets \| Best Addons For Elementor	security@wordfence.com 2024-05-23 CVE-2024-4471
CVE-2024-30279	7.8	May 23, 2024, 9:15 a.m.	Acrobat Reader	CWE-787 psirt@adobe.com 2024-05-23 CVE-2024-30279
CVE-2024-30280	7.8	May 23, 2024, 9:15 a.m.	Acrobat Reader	psirt@adobe.com CWE-125 2024-05-23 CVE-2024-30280
CVE-2024-5245	7.8	May 23, 2024, 10:15 p.m.	NETGEAR ProSAFE Network Management System	zdi-disclosures@trendmicro.com CWE-1392 2024-05-23 CVE-2024-5245
CVE-2024-5202	7.7	May 23, 2024, 8:15 p.m.	OpenText Dimensions RM	CWE-200 security@opentext.com 2024-05-23 CVE-2024-5202
CVE-2024-35224	7.6	May 23, 2024, 1:15 p.m.	OpenProject	security-advisories@github.com CWE-80 2024-05-23 CVE-2024-35224
CVE-2024-2038	7.5	May 23, 2024, 7:15 a.m.	Visual Website Collaboration, Feedback & Project Management - Atarim plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-2038
CVE-2024-5227	7.5	May 23, 2024, 10:15 p.m.	TP-Link Omada ER605 router	zdi-disclosures@trendmicro.com CWE-78 2024-05-23 CVE-2024-5227
CVE-2024-5228	7.5	May 23, 2024, 10:15 p.m.	TP-Link Omada ER605 Router	zdi-disclosures@trendmicro.com CWE-122 2024-05-23 CVE-2024-5228
CVE-2024-5242	7.5	May 23, 2024, 10:15 p.m.	TP-Link Omada ER605 router	zdi-disclosures@trendmicro.com CWE-121 2024-05-23 CVE-2024-5242
CVE-2024-5243	7.5	May 23, 2024, 10:15 p.m.	TP-Link Omada ER605 routers	CWE-120 zdi-disclosures@trendmicro.com 2024-05-23 CVE-2024-5243
CVE-2024-5292	7.3	May 23, 2024, 10:15 p.m.	D-Link Network Assistant	zdi-disclosures@trendmicro.com CWE-427 2024-05-23 CVE-2024-5292
CVE-2024-4347	7.2	May 23, 2024, 6:15 a.m.	WP Fastest Cache plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4347
CVE-2024-2874	6.5	May 23, 2024, 7:15 a.m.	GitLab CE/EE	CWE-400 cve@gitlab.com 2024-05-23 CVE-2024-2874
CVE-2024-5165	6.5	May 23, 2024, 10:15 a.m.	Eclipse Ditto	CWE-79 emo@eclipse.org 2024-05-23 CVE-2024-5165
CVE-2024-3201	6.4	May 23, 2024, 2:15 a.m.	WP DSGVO Tools (GDPR) plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-3201
CVE-2024-4486	6.4	May 23, 2024, 2:15 a.m.	Awesome Contact Form7 for Elementor plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4486
CVE-2024-4783	6.4	May 23, 2024, 2:15 a.m.	jQuery T(-) Countdown Widget plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4783
CVE-2024-4431	6.4	May 23, 2024, 4:15 a.m.	LA-Studio Element Kit for Elementor plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4431
CVE-2024-5177	6.4	May 23, 2024, 6:15 a.m.	Hash Elements plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-5177
CVE-2024-3648	6.4	May 23, 2024, 7:15 a.m.	ShareThis Share Buttons plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-3648
CVE-2024-4043	6.4	May 23, 2024, 7:15 a.m.	WP Ultimate Post Grid plugin	security@wordfence.com 2024-05-23 CVE-2024-4043
CVE-2024-4706	6.4	May 23, 2024, 8:15 a.m.	WordPress + Microsoft Office 365 / Azure AD \| LOGIN plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4706
CVE-2024-2861	6.4	May 23, 2024, 10:15 a.m.	ProfilePress plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-2861
CVE-2024-1814	6.4	May 23, 2024, 11:15 a.m.	Spectra - WordPress Gutenberg Blocks plugin	security@wordfence.com 2024-05-23 CVE-2024-1814
CVE-2024-1815	6.4	May 23, 2024, 11:15 a.m.	Spectra - WordPress Gutenberg Blocks plugin	security@wordfence.com 2024-05-23 CVE-2024-1815
CVE-2024-3997	6.4	May 23, 2024, 11:15 a.m.	Prime Slider - Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-3997
CVE-2024-4378	6.4	May 23, 2024, 11:15 a.m.	Premium Addons for Elementor plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4378
CVE-2024-4575	6.4	May 23, 2024, 11:15 a.m.	LayerSlider plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4575
CVE-2024-4365	6.4	May 23, 2024, 5:15 p.m.	Advanced iFrame plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-4365
CVE-2024-5231	6.3	May 23, 2024, 3:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5231
CVE-2024-5232	6.3	May 23, 2024, 4:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5232
CVE-2024-5233	6.3	May 23, 2024, 5:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5233
CVE-2024-5234	6.3	May 23, 2024, 5:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5234
CVE-2024-5235	6.3	May 23, 2024, 5:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5235
CVE-2024-5236	6.3	May 23, 2024, 5:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5236
CVE-2024-5237	6.3	May 23, 2024, 6:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5237
CVE-2024-5238	6.3	May 23, 2024, 6:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5238
CVE-2024-5239	6.3	May 23, 2024, 6:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5239
CVE-2024-5240	6.3	May 23, 2024, 7:15 a.m.	Campcodes Complete Web-Based School Management System	CWE-89 cna@vuldb.com 2024-05-23 CVE-2024-5240
CVE-2024-5264	5.9	May 23, 2024, 9:15 a.m.	Thales Luna EFT	2024-05-23 CVE-2024-5264 psirt@thalesgroup.com CWE-338
CVE-2024-35222	5.9	May 23, 2024, 2:15 p.m.	Tauri	CWE-284 security-advisories@github.com 2024-05-23 CVE-2024-35222
CVE-2023-7045	5.4	May 23, 2024, 11:15 a.m.	GitLab CE/EE	CWE-352 cve@gitlab.com 2024-05-23 CVE-2023-7045
CVE-2024-35197	5.4	May 23, 2024, 1:15 p.m.	gitoxide	security-advisories@github.com 2024-05-23 CVE-2024-35197 CWE-67
CVE-2024-1855	5.3	May 23, 2024, 2:15 a.m.	WPCafe - Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-1855
CVE-2024-5230	5.3	May 23, 2024, 2:15 a.m.	EnvaySoft FleetCart	CWE-200 cna@vuldb.com 2024-05-23 CVE-2024-5230
CVE-2023-6325	5.3	May 23, 2024, 5:15 a.m.	RomethemeForm For Elementor plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2023-6325
CVE-2024-35223	5.3	May 23, 2024, 9:15 a.m.	Dapr	security-advisories@github.com CWE-200 2024-05-23 CVE-2024-35223
CVE-2024-28188	5.3	May 23, 2024, 12:15 p.m.	Jupyter Scheduler	security-advisories@github.com CWE-200 2024-05-23 CVE-2024-28188
CVE-2023-6844	5.0	May 23, 2024, 2:15 a.m.	WordPress iframe plugin	security@wordfence.com 2024-05-23 CVE-2023-6844
CVE-2024-5244	5.0	May 23, 2024, 10:15 p.m.	TP-Link Omada ER605 routers	zdi-disclosures@trendmicro.com 2024-05-23 CVE-2024-5244 CWE-656
CVE-2024-4895	4.7	May 23, 2024, 3:15 a.m.	wpDataTables - WordPress Data Table, Dynamic Tables & Table Charts Plugin	security@wordfence.com 2024-05-23 CVE-2024-4895
CVE-2024-5241	4.7	May 23, 2024, 7:15 a.m.	Huashi Private Cloud CDN Live Streaming Acceleration Server	CWE-78 cna@vuldb.com 2024-05-23 CVE-2024-5241
CVE-2024-3065	4.4	May 23, 2024, 2:15 a.m.	PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-3065
CVE-2024-5258	4.4	May 23, 2024, 11:15 a.m.	GitLab	CWE-639 cve@gitlab.com 2024-05-23 CVE-2024-5258
CVE-2024-3626	4.3	May 23, 2024, 6:15 a.m.	Email Subscribers by Icegram Express WordPress plugin	security@wordfence.com 2024-05-23 CVE-2024-3626
CVE-2024-3711	4.3	May 23, 2024, 6:15 a.m.	Brizy - Page Builder plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-3711
CVE-2023-6502	4.3	May 23, 2024, 11:15 a.m.	GitLab CE/EE	CWE-400 cve@gitlab.com 2024-05-23 CVE-2023-6502
CVE-2024-1947	4.3	May 23, 2024, 11:15 a.m.	GitLab CE/EE	CWE-400 cve@gitlab.com 2024-05-23 CVE-2024-1947
CVE-2024-1803	4.3	May 23, 2024, 1:15 p.m.	EmbedPress - Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress	security@wordfence.com 2024-05-23 CVE-2024-1803
CVE-2024-5294	4.3	May 23, 2024, 10:15 p.m.	D-Link DIR-3040 router	zdi-disclosures@trendmicro.com CWE-401 2024-05-23 CVE-2024-5294
CVE-2024-32969	2.7	May 23, 2024, 9:15 a.m.	vantage6	CWE-284 security-advisories@github.com 2024-05-23 CVE-2024-32969
CVE-2024-3708	None	May 23, 2024, 1:15 a.m.	lighttpd	CWE-200 2024-05-23 CVE-2024-3708 biossecurity@ami.com
CVE-2024-2220	None	May 23, 2024, 6:15 a.m.	Button contact VR WordPress plugin	contact@wpscan.com 2024-05-23 CVE-2024-2220
CVE-2024-3594	None	May 23, 2024, 6:15 a.m.	IDonate WordPress plugin	contact@wpscan.com 2024-05-23 CVE-2024-3594
CVE-2024-3917	None	May 23, 2024, 6:15 a.m.	Pet Manager WordPress plugin	contact@wpscan.com 2024-05-23 CVE-2024-3917
CVE-2024-3918	None	May 23, 2024, 6:15 a.m.	Pet Manager WordPress plugin	contact@wpscan.com 2024-05-23 CVE-2024-3918
CVE-2024-3920	None	May 23, 2024, 6:15 a.m.	Flattr WordPress plugin	contact@wpscan.com 2024-05-23 CVE-2024-3920
CVE-2024-4388	None	May 23, 2024, 6:15 a.m.	UNKNOWN	contact@wpscan.com 2024-05-23 CVE-2024-4388
CVE-2024-4399	None	May 23, 2024, 6:15 a.m.	UNKNOWN	contact@wpscan.com 2024-05-23 CVE-2024-4399
CVE-2024-36011	None	May 23, 2024, 7:15 a.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-05-23 CVE-2024-36011
CVE-2024-36012	None	May 23, 2024, 7:15 a.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-05-23 CVE-2024-36012
CVE-2024-36013	None	May 23, 2024, 7:15 a.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-05-23 CVE-2024-36013
CVE-2023-4859	None	May 23, 2024, 4:15 p.m.	UNKNOWN	security@wordfence.com 2024-05-23 CVE-2023-4859
CVE-2024-2301	None	May 23, 2024, 5:15 p.m.	HP LaserJet Pro devices	hp-security-alert@hp.com 2024-05-23 CVE-2024-2301
CVE-2024-34927	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34927
CVE-2024-34928	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34928
CVE-2024-34929	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34929
CVE-2024-34930	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34930
CVE-2024-34931	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34931
CVE-2024-34932	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34932
CVE-2024-34933	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34933
CVE-2024-34934	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34934
CVE-2024-34935	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34935
CVE-2024-34936	None	May 23, 2024, 5:15 p.m.	Campcodes Complete Web-Based School Management System	cve@mitre.org 2024-05-23 CVE-2024-34936
CVE-2024-35081	None	May 23, 2024, 5:15 p.m.	LuckyFrameWeb	cve@mitre.org 2024-05-23 CVE-2024-35081
CVE-2024-35082	None	May 23, 2024, 5:15 p.m.	J2EEFAST	cve@mitre.org 2024-05-23 CVE-2024-35082
CVE-2024-35083	None	May 23, 2024, 5:15 p.m.	J2EEFAST	cve@mitre.org 2024-05-23 CVE-2024-35083
CVE-2024-35084	None	May 23, 2024, 5:15 p.m.	J2EEFAST	cve@mitre.org 2024-05-23 CVE-2024-35084
CVE-2024-35085	None	May 23, 2024, 5:15 p.m.	J2EEFAST	cve@mitre.org 2024-05-23 CVE-2024-35085
CVE-2024-35086	None	May 23, 2024, 5:15 p.m.	J2EEFAST	cve@mitre.org 2024-05-23 CVE-2024-35086
CVE-2024-35090	None	May 23, 2024, 5:15 p.m.	J2EEFAST	cve@mitre.org 2024-05-23 CVE-2024-35090
CVE-2024-35091	None	May 23, 2024, 5:15 p.m.	J2EEFAST	cve@mitre.org 2024-05-23 CVE-2024-35091
CVE-2024-5143	None	May 23, 2024, 5:15 p.m.	UNKNOWN	hp-security-alert@hp.com 2024-05-23 CVE-2024-5143
CVE-2024-31843	None	May 23, 2024, 7:16 p.m.	Italtel Embrace	cve@mitre.org 2024-05-23 CVE-2024-31843
CVE-2024-35079	None	May 23, 2024, 7:16 p.m.	inxedu	cve@mitre.org 2024-05-23 CVE-2024-35079
CVE-2024-35080	None	May 23, 2024, 7:16 p.m.	inxedu	cve@mitre.org 2024-05-23 CVE-2024-35080
CVE-2024-35375	None	May 23, 2024, 7:16 p.m.	DedeCMS	cve@mitre.org 2024-05-23 CVE-2024-35375
CVE-2024-35570	None	May 23, 2024, 7:16 p.m.	inxedu	cve@mitre.org 2024-05-23 CVE-2024-35570

» Click here to see all Vulnerabilities «

Tag : 2024-05-23

Attack Reports

Vulnerabilities