Tag: 2024-06-25

2 Attack Reports | 141 Vulnerabilities

Attack reports

StrelaStealer Resurgence: Tracking a JavaScript-Driven Credential Stealer Targeting Europe

Recent observations indicate a surge in JavaScript spreading StrelaStealer, a credential stealer specifically targeting Outlook and Thunderbird email credentials. While the infection chain resembles previous versions, additional checks have been implemented to avoid compromising systems in Russia. …
obfuscation
stealer
javascript
2024-06-25
strelastealer
Published: June 25, 2024
Downloadable IOCs: 5

Phishing Incident Report: Facts and Timeline

On June 18, 2024, an employee's account at ANY.RUN was compromised and used to carry out a phishing attack against the company's entire contact list. The initial compromise occurred on May 27 through an AiTM phishing campaign targeting the employee. Over the following weeks, the attacker maintained…
phishing
2024-06-25
data exfiltration
incident response
mfa bypass
email compromise
Published: June 25, 2024
Downloadable IOCs: 9
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-4196

10.0
    Avaya IP Office
Published: June 25, 2024

CVE-2024-6297

10.0
    WordPress plugins hosted on WordPress.org
Published: June 25, 2024

CVE-2024-4197

9.9
    Avaya IP Office
Published: June 25, 2024

CVE-2024-6303

9.9
    Conduit
Published: June 25, 2024

CVE-2024-6028

9.8
    Quiz Maker plugin for WordPress
Published: June 25, 2024

CVE-2024-4883

9.8
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-4884

9.8
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-4885

9.8
    Progress WhatsUp Gold
Published: June 25, 2024

CVE-2024-5276

9.8
    FileCatalyst Workflow
Published: June 25, 2024

CVE-2023-6198

9.3
    Baicells Snap Router BaiCE_BMI
Published: June 25, 2024

CVE-2024-5805

9.1
    Progress MOVEit Gateway
Published: June 25, 2024

CVE-2024-5431

8.8
    WPCafe - Online Food Ordering, Restaurant Menu, Delivery, and Reservations for WooCommerce plugin for WordPress
Published: June 25, 2024

CVE-2024-5008

8.8
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-38516

8.8
    Aimeos e-commerce HTML client component
Published: June 25, 2024

CVE-2024-5012

8.6
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-6257

8.4
    go-getter library
Published: June 25, 2024

CVE-2024-5009

8.4
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-6302

8.1
    Conduit
Published: June 25, 2024

CVE-2024-4498

7.7
    parisneo/lollms-webui
Published: June 25, 2024

CVE-2024-5216

7.5
    UNKNOWN
Published: June 25, 2024

CVE-2024-5010

7.5
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-5011

7.5
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-6206

7.5
    HPE Athonet Mobile Core software
Published: June 25, 2024

CVE-2024-5013

7.5
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-5806

7.4
    Progress MOVEit Transfer (SFTP module)
Published: June 25, 2024

CVE-2024-6238

7.4
    pgAdmin
Published: June 25, 2024

CVE-2024-6308

7.3
    Simple Online Hotel Reservation System
Published: June 25, 2024

CVE-2024-21827

7.2
    Tp-Link ER7206 Omada Gigabit VPN Router
Published: June 25, 2024

CVE-2024-5016

7.2
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-4638

7.1
    OnCell G3470A-LTE Series firmware
Published: June 25, 2024

CVE-2024-4639

7.1
    OnCell G3470A-LTE Series
Published: June 25, 2024

CVE-2024-4640

7.1
    OnCell G3470A-LTE Series
Published: June 25, 2024

CVE-2024-5014

7.1
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-5015

7.1
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-37085

6.8
    VMware ESXi
Published: June 25, 2024

CVE-2024-37086

6.8
    VMware ESXi
Published: June 25, 2024

CVE-2024-31111

6.5
    WordPress
Published: June 25, 2024

CVE-2024-5017

6.5
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-6307

6.4
    WordPress Core
Published: June 25, 2024

CVE-2024-5451

6.4
    The7 WordPress Theme
Published: June 25, 2024

CVE-2024-4641

6.3
    OnCell G3470A-LTE Series firmware
Published: June 25, 2024

CVE-2024-37894

6.3
    Squid
Published: June 25, 2024

CVE-2024-34141

5.4
    Adobe Experience Manager
Published: June 25, 2024

CVE-2024-34142

5.4
    Adobe Experience Manager
Published: June 25, 2024

CVE-2024-28831

5.4
    Checkmk
Published: June 25, 2024

CVE-2024-30112

5.4
    HCL Connections
Published: June 25, 2024

CVE-2024-6301

5.3
    Conduit
Published: June 25, 2024

CVE-2024-37087

5.3
    VMware vCenter Server
Published: June 25, 2024

CVE-2024-0171

5.3
    Dell PowerEdge Server BIOS
Published: June 25, 2024

CVE-2024-5018

5.3
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-5019

5.3
    WhatsUp Gold
Published: June 25, 2024

CVE-2024-32111

5.0
    WordPress
Published: June 25, 2024

CVE-2024-28832

4.8
    Checkmk
Published: June 25, 2024

CVE-2024-6299

4.8
    Conduit
Published: June 25, 2024

CVE-2024-22385

4.4
    Hitachi Storage Provider for VMware vCenter
Published: June 25, 2024

CVE-2024-3249

4.3
    Zita Elementor Site Library plugin for WordPress
Published: June 25, 2024

CVE-2024-37167

4.3
    Tuleap Community Edition
Published: June 25, 2024

CVE-2024-6294

3.9
    udn News Android APP
Published: June 25, 2024

CVE-2024-6295

3.9
    udn News Android APP
Published: June 25, 2024

CVE-2024-32855

3.8
    Dell Client Platform BIOS
Published: June 25, 2024

CVE-2024-6300

3.7
    Conduit
Published: June 25, 2024

CVE-2023-37541

3.5
    HCL Connections
Published: June 25, 2024

CVE-2024-23140

None
    UNKNOWN
Published: June 25, 2024

CVE-2024-23141

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23142

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23143

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23144

None
    Autodesk applications
Published: June 25, 2024

CVE-2023-5038

None
    UNKNOWN
Published: June 25, 2024

CVE-2024-23145

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23146

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23147

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23148

None
    AutoCAD
Published: June 25, 2024

CVE-2024-23149

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-37000

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-37001

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-37002

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23150

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23151

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23152

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23153

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23154

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23155

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23156

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23157

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23158

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-23159

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-36999

None
    Autodesk applications using opennurbs.dll
Published: June 25, 2024

CVE-2024-37003

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-37004

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-37005

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-37006

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-37007

None
    Autodesk applications
Published: June 25, 2024

CVE-2024-4757

None
    Logo Manager For Enamad WordPress plugin
Published: June 25, 2024

CVE-2024-4759

None
    Mime Types Extended WordPress plugin
Published: June 25, 2024

CVE-2024-6305

None
    WordPress Core
Published: June 25, 2024

CVE-2024-6306

None
    WordPress Core
Published: June 25, 2024

CVE-2024-4846

None
    Devolutions Server
Published: June 25, 2024

CVE-2024-5261

None
    LibreOffice
Published: June 25, 2024

CVE-2024-38951

None
    PX4-Autopilot
Published: June 25, 2024

CVE-2024-38952

None
    PX4-Autopilot
Published: June 25, 2024

CVE-2021-4440

None
    Linux Kernel
Published: June 25, 2024

CVE-2022-48772

None
    Linux Kernel
Published: June 25, 2024

CVE-2024-37078

None
    Linux kernel
Published: June 25, 2024

CVE-2024-37354

None
    Linux Kernel
Published: June 25, 2024

CVE-2024-38306

None
    Linux kernel
Published: June 25, 2024

CVE-2024-38385

None
    Linux kernel
Published: June 25, 2024

CVE-2024-38661

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39276

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39293

None
    Linux Kernel
Published: June 25, 2024

CVE-2024-39296

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39298

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39301

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39362

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39371

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39461

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39462

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39463

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39464

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39465

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39466

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39467

None
    Linux Kernel
Published: June 25, 2024

CVE-2024-39468

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39469

None
    Linux kernel
Published: June 25, 2024

CVE-2024-39470

None
    Linux Kernel
Published: June 25, 2024

CVE-2024-39471

None
    Linux kernel
Published: June 25, 2024

CVE-2024-5988

None
    Rockwell Automation ThinManager ThinServer
Published: June 25, 2024

CVE-2024-5989

None
    Rockwell Automation ThinManager ThinServer
Published: June 25, 2024

CVE-2024-5990

None
    Rockwell Automation ThinServer
Published: June 25, 2024

CVE-2024-36819

None
    MAP-OS
Published: June 25, 2024

CVE-2024-37820

None
    TiDB
Published: June 25, 2024

CVE-2024-21739

None
    UNKNOWN
Published: June 25, 2024

CVE-2024-21740

None
    UNKNOWN
Published: June 25, 2024

CVE-2024-21741

None
    Unknown
Published: June 25, 2024

CVE-2024-34400

None
    Virto Kanban Board Web Part for SharePoint 2019
Published: June 25, 2024

CVE-2024-35526

None
    FarCry Core framework
Published: June 25, 2024

CVE-2024-37843

None
    Craft CMS
Published: June 25, 2024

CVE-2024-37855

None
    Nepstech Wifi Router xpon (terminal) NTPL-Xpon1GFEVN
Published: June 25, 2024

CVE-2024-30931

None
    Emby Media Server
Published: June 25, 2024

CVE-2024-35527

None
    FarCry Core framework
Published: June 25, 2024

CVE-2024-37742

None
    Safe Exam Browser for Windows
Published: June 25, 2024

CVE-2024-6060

None
    Phloc Webscopes
Published: June 25, 2024
Click here to see more Vulnerabilities