Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: 2024-06-04

3 attack reports | 183 vulnerabilities

Attack reports

Excel File Deploys Cobalt Strike at Ukraine

A sophisticated multi-stage cyberattack was identified, utilizing an Excel file embedded with a VBA macro designed to deploy a DLL file. The attacker employed various evasion techniques and a multi-stage malware strategy to deliver the notorious 'Cobalt Strike' payload, establishing communication w…

malware
evasion
ukraine
2024-06-04
excel
Published: June 4, 2024

Downloadable IOCs 10

The Pumpkin Eclipse - Chalubo Malware

Chalubo is a commodity remote access trojan (RAT). First identified in 2018, employed savvy tradecraft to obfuscate its activity; it removed all files from disk to run in-memory, assumed a random process name already present on the device, and encrypted all communications with the command and contr…

ddos
script
2024-06-04
meta
write
download
form
soho
path
button
span
link
template
header dropdown
iconbutton
product
solutions
footer
code
enterprise
reload
close
chalubo
body
find
star
copy
open
main
contact
october
chalubo malware
actiontec
lumen
lua script
lotus labs
november
black
next
Published: June 4, 2024

Downloadable IOCs 176

Vidar Stealer: An In-depth Analysis of an Information-Stealing Malware

Vidar Stealer is a potent malware written in C++, capable of stealing a wide range of data from the compromised system. Vidar Stealer targets user’s personal data, web-browser data, cryptocurrency wallets, financial data, sensitive files within user directories, communication applications, process …

malware
persistence
2024-06-04
c2
Published: June 4, 2024

Downloadable IOCs 6

» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-25600

10.0
Bricks Builder
Published: June 4, 2024

CVE-2024-29972

9.8
Zyxel NAS326
Published: June 4, 2024

CVE-2024-29973

9.8
Zyxel NAS326
Published: June 4, 2024

CVE-2024-29974

9.8
Zyxel NAS326
Published: June 4, 2024

CVE-2024-4552

9.8
Social Login Lite For WooCommerce plugin for WordPress
Published: June 4, 2024

CVE-2024-35700

9.8
Userpro
Published: June 4, 2024

CVE-2024-35629

9.6
Easy Digital Downloads - Recent Purchases
Published: June 4, 2024

CVE-2024-36400

9.4
nano-id crate
Published: June 4, 2024

CVE-2023-33930

9.1
Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
Published: June 4, 2024

CVE-2024-34792

9.1
Dextaz Ping
Published: June 4, 2024

CVE-2024-33560

9.0
XStore
Published: June 4, 2024

CVE-2024-34551

9.0
Stockholm theme by Select-Themes
Published: June 4, 2024

CVE-2024-37052

8.8
MLflow
Published: June 4, 2024

CVE-2024-37053

8.8
MLflow platform
Published: June 4, 2024

CVE-2024-37054

8.8
MLflow
Published: June 4, 2024

CVE-2024-37055

8.8
MLflow
Published: June 4, 2024

CVE-2024-37056

8.8
MLflow
Published: June 4, 2024

CVE-2024-37057

8.8
MLflow platform
Published: June 4, 2024

CVE-2024-37058

8.8
MLflow platform
Published: June 4, 2024

CVE-2024-37059

8.8
MLflow
Published: June 4, 2024

CVE-2024-37060

8.8
MLflow
Published: June 4, 2024

CVE-2024-37061

8.8
MLflow
Published: June 4, 2024

CVE-2024-33628

8.8
XforWooCommerce
Published: June 4, 2024

CVE-2024-33557

8.5
XStore Core
Published: June 4, 2024

CVE-2024-33568

8.5
BdThemes Element Pack Pro
Published: June 4, 2024

CVE-2024-34552

8.5
Stockholm
Published: June 4, 2024

CVE-2024-34554

8.5
Select-Themes Stockholm Core
Published: June 4, 2024

CVE-2023-47837

8.3
ARMember
Published: June 4, 2024

CVE-2024-29170

8.1
Dell PowerScale OneFS
Published: June 4, 2024

CVE-2024-20874

7.9
SmartManagerCN
Published: June 4, 2024

CVE-2023-5751

7.8
UNKNOWN
Published: June 4, 2024

CVE-2024-37062

7.8
Ydata ydata-profiling open-source library
Published: June 4, 2024

CVE-2024-37063

7.8
Ydata ydata-profiling open-source library
Published: June 4, 2024

CVE-2024-37064

7.8
Ydata ydata-profiling open-source library
Published: June 4, 2024

CVE-2024-37065

7.8
skops python library
Published: June 4, 2024

CVE-2024-2019

7.5
WP-DB-Table-Editor plugin for WordPress
Published: June 4, 2024

CVE-2024-4253

7.5
@gradio/video
Published: June 4, 2024

CVE-2024-5000

7.5
CODESYS
Published: June 4, 2024

CVE-2023-46630

7.5
Admin and Site Enhancements (ASE)
Published: June 4, 2024

CVE-2024-28996

7.5
SolarWinds Platform
Published: June 4, 2024

CVE-2024-32871

7.5
Pimcore
Published: June 4, 2024

CVE-2024-25095

7.5
Easy Forms for Mailchimp
Published: June 4, 2024

CVE-2024-35672

7.5
Netgsm
Published: June 4, 2024

CVE-2024-4520

7.5
gaizhenbiao/chuanhuchatgpt
Published: June 4, 2024

CVE-2024-32976

7.5
Envoy Proxy
Published: June 4, 2024

CVE-2024-34363

7.5
Envoy Proxy
Published: June 4, 2024

CVE-2024-20877

7.3
UNKNOWN
Published: June 4, 2024

CVE-2024-20878

7.3
Samsung Android devices
Published: June 4, 2024

CVE-2024-4870

7.2
Frontend Registration – Contact Form 7 plugin for WordPress
Published: June 4, 2024

CVE-2024-3555

7.2
WordPress Social Link Pages plugin
Published: June 4, 2024

CVE-2024-4254

7.1
gradio
Published: June 4, 2024

CVE-2024-35664

7.1
WPvivid Backup for MainWP
Published: June 4, 2024

CVE-2024-35668

7.1
Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue
Published: June 4, 2024

CVE-2024-29004

7.1
SolarWinds Platform
Published: June 4, 2024

CVE-2024-35652

7.1
Event Tickets with Ticket Scanner
Published: June 4, 2024

CVE-2024-29975

6.7
Zyxel NAS326
Published: June 4, 2024

CVE-2024-29976

6.5
Zyxel NAS326
Published: June 4, 2024

CVE-2023-38520

6.5
Pinpoint Booking System
Published: June 4, 2024

CVE-2023-40673

6.5
cartpauj Register Captcha
Published: June 4, 2024

CVE-2024-5463

6.5
Synology Camera Firmware
Published: June 4, 2024

CVE-2023-48747

6.5
Booster for WooCommerce
Published: June 4, 2024

CVE-2023-49852

6.5
WordPress Responsive Slick Slider
Published: June 4, 2024

CVE-2023-51511

6.5
Booster Elite for WooCommerce
Published: June 4, 2024

CVE-2024-33541

6.5
Better Elementor Addons
Published: June 4, 2024

CVE-2024-34384

6.5
SinaExtra Sina Extension for Elementor
Published: June 4, 2024

CVE-2024-35654

6.5
CyberChimps Responsive
Published: June 4, 2024

CVE-2024-35666

6.5
Themesflat Addons For Elementor
Published: June 4, 2024

CVE-2024-35782

6.5
Cowidgets – Elementor Addons
Published: June 4, 2024

CVE-2024-35649

6.5
Pdfcrowd Save as PDF plugin
Published: June 4, 2024

CVE-2024-35651

6.5
WP Flow Plus
Published: June 4, 2024

CVE-2024-35653

6.5
Visual Composer Website Builder
Published: June 4, 2024

CVE-2024-34759

6.5
VideoWhisper Picture Gallery
Published: June 4, 2024

CVE-2024-3888

6.4
tagDiv Composer plugin for WordPress
Published: June 4, 2024

CVE-2024-3230

6.4
Download Attachments plugin for WordPress
Published: June 4, 2024

CVE-2024-4273

6.4
Essential Real Estate plugin for WordPress
Published: June 4, 2024

CVE-2024-4697

6.4
Cowidgets – Elementor Addons plugin for WordPress
Published: June 4, 2024

CVE-2024-20880

6.4
UNKNOWN
Published: June 4, 2024

CVE-2024-20881

6.4
chnactiv TA
Published: June 4, 2024

CVE-2024-5485

6.4
SureTriggers - Connect All Your Plugins, Apps, Tools & Automate Everything! plugin for WordPress
Published: June 4, 2024

CVE-2024-4581

6.4
Slider Revolution plugin for WordPress
Published: June 4, 2024

CVE-2024-4637

6.4
Slider Revolution plugin for WordPress
Published: June 4, 2024

CVE-2024-28999

6.4
SolarWinds Platform
Published: June 4, 2024

CVE-2024-5635

6.3
itsourcecode Bakery Online Ordering System
Published: June 4, 2024

CVE-2024-20883

6.2
UNKNOWN
Published: June 4, 2024

CVE-2024-20884

6.2
Samsung BatteryStatsService
Published: June 4, 2024

CVE-2024-20886

6.2
Samsung Live Wallpaper PC
Published: June 4, 2024

CVE-2024-20887

6.2
GalaxyBudsManager PC
Published: June 4, 2024

CVE-2024-20876

6.1
UNKNOWN
Published: June 4, 2024

CVE-2024-32464

6.1
Action Text
Published: June 4, 2024

CVE-2024-35655

5.9
Brave Popup Builder
Published: June 4, 2024

CVE-2024-29152

5.9
Samsung Exynos processors
Published: June 4, 2024

CVE-2024-23326

5.9
Envoy
Published: June 4, 2024

CVE-2024-32974

5.9
Envoy
Published: June 4, 2024

CVE-2024-32975

5.9
Envoy Proxy
Published: June 4, 2024

CVE-2024-34362

5.9
Envoy Proxy
Published: June 4, 2024

CVE-2024-36121

5.9
Netty
Published: June 4, 2024

CVE-2024-34364

5.7
Envoy
Published: June 4, 2024

CVE-2023-39161

5.4
WP Discussion Board
Published: June 4, 2024

CVE-2023-40557

5.4
PickPlugins Tabs & Accordion
Published: June 4, 2024

CVE-2023-45635

5.4
WP Darko Responsive Tabs
Published: June 4, 2024

CVE-2023-47513

5.4
ARI Stream Quiz
Published: June 4, 2024

CVE-2024-28103

5.4
Action Pack
Published: June 4, 2024

CVE-2024-30528

5.4
Spiffy Calendar
Published: June 4, 2024

CVE-2024-1718

5.3
Claudio Sanches - Checkout Cielo for WooCommerce plugin
Published: June 4, 2024

CVE-2024-2382

5.3
Authorize.net Payment Gateway For WooCommerce plugin for WordPress
Published: June 4, 2024

CVE-2024-4997

5.3
WPUpper Share Buttons plugin for WordPress
Published: June 4, 2024

CVE-2023-34001

5.3
WPPlugins - WordPress Security Plugins Hide My WP Ghost
Published: June 4, 2024

CVE-2023-37865

5.3
IP2Location Country Blocker
Published: June 4, 2024

CVE-2023-40332

5.3
WP-PostRatings
Published: June 4, 2024

CVE-2023-41134

5.3
Antispam Bee
Published: June 4, 2024

CVE-2023-44235

5.3
WP Captcha
Published: June 4, 2024

CVE-2023-45009

5.3
Captcha/Honeypot for Contact Form 7
Published: June 4, 2024

CVE-2023-46310

5.3
wpDiscuz
Published: June 4, 2024

CVE-2023-47189

5.3
WPMU DEV Defender Security
Published: June 4, 2024

CVE-2023-48271

5.3
Maspik - Spam blacklist
Published: June 4, 2024

CVE-2023-48276

5.3
WP Forms Puzzle Captcha
Published: June 4, 2024

CVE-2023-48285

5.3
Stripe Payments
Published: June 4, 2024

CVE-2023-48290

5.3
Form Maker by 10Web
Published: June 4, 2024

CVE-2023-48318

5.3
Contact Form Email
Published: June 4, 2024

CVE-2023-48745

5.3
Captcha Code
Published: June 4, 2024

CVE-2023-48753

5.3
Restricted Site Access
Published: June 4, 2024

CVE-2023-49774

5.3
WP Photo Album Plus
Published: June 4, 2024

CVE-2023-51542

5.3
WPMU DEV Branda
Published: June 4, 2024

CVE-2023-51543

5.3
RegistrationMagic
Published: June 4, 2024

CVE-2023-51544

5.3
RegistrationMagic
Published: June 4, 2024

CVE-2023-51667

5.3
Rate my Post - WP Rating System
Published: June 4, 2024

CVE-2023-52176

5.3
miniorange Malware Scanner
Published: June 4, 2024

CVE-2024-35670

5.3
SoftLab Integrate Google Drive
Published: June 4, 2024

CVE-2024-30525

5.3
Move Addons for Elementor
Published: June 4, 2024

CVE-2024-20885

5.1
Samsung Dialer
Published: June 4, 2024

CVE-2024-35634

4.9
Woocommerce - Recent Purchases
Published: June 4, 2024

CVE-2024-4219

4.8
BeyondInsight
Published: June 4, 2024

CVE-2024-20882

4.6
Samsung Bootloader
Published: June 4, 2024

CVE-2023-47663

4.6
Foyer
Published: June 4, 2024

CVE-2024-3031

4.4
Fluid Notification Bar plugin for WordPress
Published: June 4, 2024

CVE-2024-4462

4.4
Nafeza Prayer Time plugin for WordPress
Published: June 4, 2024

CVE-2024-1717

4.3
Admin Notices Manager plugin for WordPress
Published: June 4, 2024

CVE-2024-4274

4.3
WordPress Essential Real Estate plugin
Published: June 4, 2024

CVE-2023-28494

4.3
CodePeople Contact Form Email
Published: June 4, 2024

CVE-2023-45053

4.3
WP Content Pilot - Autoblogging & Affiliate Marketing Plugin
Published: June 4, 2024

CVE-2024-30484

4.3
RT Easy Builder - Advanced addons for Elementor
Published: June 4, 2024

CVE-2024-4220

4.3
BeyondInsight
Published: June 4, 2024

CVE-2024-20873

4.2
caminfo driver
Published: June 4, 2024

CVE-2024-20875

4.0
SemClipboard
Published: June 4, 2024

CVE-2024-20879

4.0
UNKNOWN
Published: June 4, 2024

CVE-2023-47769

3.7
WP Maintenance
Published: June 4, 2024

CVE-2023-47818

3.7
LWS Hide Login
Published: June 4, 2024

CVE-2023-48335

3.7
Webcraftic Hide login page
Published: June 4, 2024

CVE-2023-49741

3.7
Coming soon and Maintenance mode
Published: June 4, 2024

CVE-2023-49748

3.7
WPS Hide Login
Published: June 4, 2024

CVE-2023-49822

3.7
Ultimate Dashboard by David Vongries
Published: June 4, 2024

CVE-2023-52147

3.7
All In One WP Security & Firewall
Published: June 4, 2024

CVE-2024-0757

None
Insert or Embed Articulate Content into WordPress plugin
Published: June 4, 2024

CVE-2024-2470

None
Simple Ajax Chat WordPress plugin
Published: June 4, 2024

CVE-2024-4057

None
Gutenberg Blocks with AI by Kadence WP WordPress plugin
Published: June 4, 2024

CVE-2024-4180

None
Events Calendar WordPress plugin
Published: June 4, 2024

CVE-2024-4749

None
wp-eMember WordPress plugin
Published: June 4, 2024

CVE-2024-4750

None
buddyboss-platform WordPress plugin
Published: June 4, 2024

CVE-2024-4856

None
FS Product Inquiry WordPress plugin
Published: June 4, 2024

CVE-2024-4857

None
FS Product Inquiry WordPress plugin
Published: June 4, 2024

CVE-2024-36104

None
Apache OFBiz
Published: June 4, 2024

CVE-2024-5420

None
SEH Computertechnik utnserver Pro
Published: June 4, 2024

CVE-2024-5421

None
utnserver Pro
Published: June 4, 2024

CVE-2024-5422

None
SEH Computertechnik utnserver Pro
Published: June 4, 2024

CVE-2024-36800

None
SEMCMS
Published: June 4, 2024

CVE-2024-36801

None
SEMCMS
Published: June 4, 2024

CVE-2024-0756

None
Insert or Embed Articulate Content into WordPress plugin
Published: June 4, 2024

CVE-2024-36547

None
idccms
Published: June 4, 2024

CVE-2024-36548

None
idccms
Published: June 4, 2024

CVE-2024-36549

None
idccms
Published: June 4, 2024

CVE-2024-36550

None
idccms
Published: June 4, 2024

CVE-2024-36604

None
Tenda O3V2
Published: June 4, 2024

CVE-2024-36857

None
Jan
Published: June 4, 2024

CVE-2024-36858

None
Jan
Published: June 4, 2024

CVE-2024-37273

None
Jan
Published: June 4, 2024

CVE-2022-28652

None
Ubuntu
Published: June 4, 2024

CVE-2022-28654

None
Ubuntu
Published: June 4, 2024

CVE-2022-28655

None
UNKNOWN
Published: June 4, 2024

CVE-2022-28656

None
UNKNOWN
Published: June 4, 2024

CVE-2022-28657

None
Ubuntu
Published: June 4, 2024

CVE-2022-28658

None
Ubuntu
Published: June 4, 2024

CVE-2024-30889

None
audimex audimexEE
Published: June 4, 2024

CVE-2024-36675

None
LyLme_spage
Published: June 4, 2024
» Click here to see all Vulnerabilities «