SecuriTricks - 2024-07-03

Attack Reports

Title	Published	Tags	Description	Number of indicators
SmokeLoader Evolution Through The Years	July 3, 2024, 11:54 a.m.	smokeloader downloader 2024-07-03	This report provides an in-depth analysis of the evolution of SmokeLoader, a prominent malware downloader that has been active si…	11
Attack Case against HFS (HTTP File Server) Server (Suspected CVE-2024-23692)	July 3, 2024, 11:39 a.m.	backdoor exploit rat xmrig vulnerability plugx gh0strat CVE-2024-23692 cobaltstrike korplug destroyrat xenorat 2024-07-03 gothief	A remote code execution vulnerability (CVE-2024-23692) in the HFS (HTTP File Server) program has allowed attackers to execute mal…	14
New Ransomware Operator Volcano Demon Serving Up LukaLocker	July 3, 2024, 11:35 a.m.	ransomware data-theft 2024-07-03 lukalocker	A cybersecurity firm has encountered a new ransomware organization, dubbed Volcano Demon, responsible for recent attacks involvin…	3

» Click here to see all Attack Reports «

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-37082	9.0	July 3, 2024, 6:15 a.m.	Cloud Foundry	CWE-290 security@vmware.com 2024-07-03 CVE-2024-37082
CVE-2024-2376	8.8	July 3, 2024, 6:15 a.m.	WPQA Builder WordPress plugin	contact@wpscan.com CWE-352 2024-07-03 CVE-2024-2376
CVE-2024-5887	8.8	July 3, 2024, 6:15 p.m.	UNKNOWN	CWE-352 security@huntr.dev 2024-07-03 CVE-2024-5887
CVE-2024-39830	8.1	July 3, 2024, 9:15 a.m.	Mattermost	CWE-287 responsibledisclosure@mattermost.com 2024-07-03 CVE-2024-39830
CVE-2024-6426	8.1	July 3, 2024, 12:15 p.m.	MESbook	CWE-200 cve-coordination@incibe.es 2024-07-03 CVE-2024-6426
CVE-2024-32937	8.1	July 3, 2024, 2:15 p.m.	Grandstream GXP2135	talos-cna@cisco.com CWE-78 2024-07-03 CVE-2024-32937
CVE-2024-6427	7.5	July 3, 2024, 12:15 p.m.	MESbook	CWE-400 cve-coordination@incibe.es 2024-07-03 CVE-2024-6427
CVE-2024-35227	7.5	July 3, 2024, 6:15 p.m.	Discourse	CWE-20 security-advisories@github.com 2024-07-03 CVE-2024-35227
CVE-2024-5672	7.2	July 3, 2024, 1:15 p.m.	UNKNOWN	CWE-78 info@cert.vde.com 2024-07-03 CVE-2024-5672
CVE-2024-6052	6.5	July 3, 2024, 3:15 p.m.	Checkmk	CWE-80 security@checkmk.com 2024-07-03 CVE-2024-6052
CVE-2024-3332	6.5	July 3, 2024, 5:15 p.m.	UNKNOWN	CWE-476 2024-07-03 CVE-2024-3332 vulnerabilities@zephyrproject.org
CVE-2024-37157	6.4	July 3, 2024, 8:15 p.m.	Discourse	security-advisories@github.com CWE-918 2024-07-03 CVE-2024-37157
CVE-2024-6471	6.3	July 3, 2024, 2:15 p.m.	SourceCodester Online Tours & Travels Management	CWE-89 cna@vuldb.com 2024-07-03 CVE-2024-6471
CVE-2024-5821	6.2	July 3, 2024, 6:15 p.m.	UNKNOWN	CWE-284 security@huntr.dev 2024-07-03 CVE-2024-5821
CVE-2024-39683	5.7	July 3, 2024, 8:15 p.m.	ZITADEL	security-advisories@github.com CWE-200 2024-07-03 CVE-2024-39683
CVE-2024-2234	5.4	July 3, 2024, 6:15 a.m.	Himer WordPress theme	CWE-79 contact@wpscan.com 2024-07-03 CVE-2024-2234
CVE-2024-2375	5.4	July 3, 2024, 6:15 a.m.	WPQA Builder WordPress plugin	CWE-79 contact@wpscan.com 2024-07-03 CVE-2024-2375
CVE-2024-4482	5.4	July 3, 2024, 8:15 a.m.	The Plus Addons for Elementor	CWE-79 security@wordfence.com 2024-07-03 CVE-2024-4482
CVE-2024-6263	5.4	July 3, 2024, 8:15 a.m.	WP Lightbox 2 plugin	CWE-79 security@wordfence.com 2024-07-03 CVE-2024-6263
CVE-2024-6340	5.4	July 3, 2024, 8:15 a.m.	Premium Addons for Elementor plugin for WordPress	CWE-79 security@wordfence.com 2024-07-03 CVE-2024-6340
CVE-2024-6428	5.3	July 3, 2024, 9:15 a.m.	Mattermost	CWE-284 responsibledisclosure@mattermost.com 2024-07-03 CVE-2024-6428
CVE-2024-31223	5.3	July 3, 2024, 6:15 p.m.	Fides	security-advisories@github.com CWE-497 2024-07-03 CVE-2024-31223
CVE-2024-6383	5.3	July 3, 2024, 10:15 p.m.	MongoDB C Driver	CWE-122 cna@mongodb.com 2024-07-03 CVE-2024-6383
CVE-2024-36113	4.9	July 3, 2024, 7:15 p.m.	Discourse	security-advisories@github.com CWE-862 2024-07-03 CVE-2024-36113
CVE-2024-4543	4.3	July 3, 2024, 5:15 a.m.	Snippet Shortcodes plugin for WordPress	security@wordfence.com CWE-352 2024-07-03 CVE-2024-4543
CVE-2024-2040	4.3	July 3, 2024, 6:15 a.m.	Himer WordPress theme	contact@wpscan.com CWE-352 2024-07-03 CVE-2024-2040
CVE-2024-2233	4.3	July 3, 2024, 6:15 a.m.	Himer WordPress theme	contact@wpscan.com CWE-352 2024-07-03 CVE-2024-2233
CVE-2024-2235	4.3	July 3, 2024, 6:15 a.m.	Himer WordPress theme	contact@wpscan.com CWE-352 2024-07-03 CVE-2024-2235
CVE-2024-35234	4.2	July 3, 2024, 7:15 p.m.	Discourse	security-advisories@github.com CWE-79 2024-07-03 CVE-2024-35234
CVE-2024-6126	3.2	July 3, 2024, 3:15 p.m.	cockpit	secalert@redhat.com CWE-400 2024-07-03 CVE-2024-6126
CVE-2024-39361	3.1	July 3, 2024, 9:15 a.m.	Mattermost	CWE-284 responsibledisclosure@mattermost.com 2024-07-03 CVE-2024-39361
CVE-2024-39807	3.1	July 3, 2024, 9:15 a.m.	Mattermost	CWE-200 responsibledisclosure@mattermost.com 2024-07-03 CVE-2024-39807
CVE-2024-36257	2.7	July 3, 2024, 9:15 a.m.	Mattermost	CWE-284 responsibledisclosure@mattermost.com 2024-07-03 CVE-2024-36257
CVE-2024-39353	2.7	July 3, 2024, 9:15 a.m.	Mattermost	CWE-200 responsibledisclosure@mattermost.com 2024-07-03 CVE-2024-39353
CVE-2024-6469	2.7	July 3, 2024, 11:15 a.m.	playSMS	CWE-74 cna@vuldb.com 2024-07-03 CVE-2024-6469
CVE-2024-6470	2.7	July 3, 2024, 1:15 p.m.	playSMS	CWE-74 cna@vuldb.com 2024-07-03 CVE-2024-6470
CVE-2024-36122	2.4	July 3, 2024, 8:15 p.m.	Discourse	security-advisories@github.com CWE-200 2024-07-03 CVE-2024-36122
CVE-2024-32673	None	July 3, 2024, 2:15 a.m.	Walrus Webassembly runtime engine	CWE-129 PSIRT@samsung.com 2024-07-03 CVE-2024-32673
CVE-2024-39920	None	July 3, 2024, 4:15 a.m.	UNKNOWN	cve@mitre.org 2024-07-03 CVE-2024-39920
CVE-2024-2231	None	July 3, 2024, 6:15 a.m.	WordPress	contact@wpscan.com 2024-07-03 CVE-2024-2231
CVE-2024-38453	None	July 3, 2024, 6:15 a.m.	Avalara for Salesforce CPQ app	cve@mitre.org 2024-07-03 CVE-2024-38453
CVE-2024-37726	None	July 3, 2024, 2:15 p.m.	Micro-Star International Co., Ltd MSI Center	cve@mitre.org 2024-07-03 CVE-2024-37726
CVE-2024-39220	None	July 3, 2024, 3:15 p.m.	BAS-IP Intercom Systems	cve@mitre.org 2024-07-03 CVE-2024-39220
CVE-2024-39223	None	July 3, 2024, 3:15 p.m.	gost	cve@mitre.org 2024-07-03 CVE-2024-39223
CVE-2024-39248	None	July 3, 2024, 5:15 p.m.	SimpCMS	cve@mitre.org 2024-07-03 CVE-2024-39248
CVE-2024-39844	None	July 3, 2024, 5:15 p.m.	ZNC	cve@mitre.org 2024-07-03 CVE-2024-39844
CVE-2023-52168	None	July 3, 2024, 6:15 p.m.	7-Zip	cve@mitre.org 2024-07-03 CVE-2023-52168
CVE-2023-52169	None	July 3, 2024, 6:15 p.m.	7-Zip	cve@mitre.org 2024-07-03 CVE-2023-52169
CVE-2024-29506	None	July 3, 2024, 6:15 p.m.	Artifex Ghostscript	cve@mitre.org 2024-07-03 CVE-2024-29506
CVE-2024-29508	None	July 3, 2024, 6:15 p.m.	Artifex Ghostscript	cve@mitre.org 2024-07-03 CVE-2024-29508
CVE-2024-29509	None	July 3, 2024, 6:15 p.m.	Artifex Ghostscript	cve@mitre.org 2024-07-03 CVE-2024-29509
CVE-2024-29507	None	July 3, 2024, 7:15 p.m.	Ghostscript	cve@mitre.org 2024-07-03 CVE-2024-29507
CVE-2024-29510	None	July 3, 2024, 7:15 p.m.	Artifex Ghostscript	cve@mitre.org 2024-07-03 CVE-2024-29510
CVE-2024-29511	None	July 3, 2024, 7:15 p.m.	Artifex Ghostscript	cve@mitre.org 2024-07-03 CVE-2024-29511
CVE-2024-33869	None	July 3, 2024, 7:15 p.m.	Ghostscript	cve@mitre.org 2024-07-03 CVE-2024-33869
CVE-2024-33870	None	July 3, 2024, 7:15 p.m.	Artifex Ghostscript	cve@mitre.org 2024-07-03 CVE-2024-33870
CVE-2024-33871	None	July 3, 2024, 7:15 p.m.	Artifex Ghostscript	cve@mitre.org 2024-07-03 CVE-2024-33871
CVE-2024-6488	None	July 3, 2024, 7:15 p.m.	UNKNOWN	security@wordfence.com 2024-07-03 CVE-2024-6488
CVE-2024-34750	None	July 3, 2024, 8:15 p.m.	Apache Tomcat	CWE-400 security@apache.org 2024-07-03 CVE-2024-34750
CVE-2024-6461	None	July 3, 2024, 9:15 p.m.	UNKNOWN	security@wordfence.com 2024-07-03 CVE-2024-6461
CVE-2024-6463	None	July 3, 2024, 9:15 p.m.	UNKNOWN	security@wordfence.com 2024-07-03 CVE-2024-6463
CVE-2024-6464	None	July 3, 2024, 9:15 p.m.	UNKNOWN	security@wordfence.com 2024-07-03 CVE-2024-6464
CVE-2024-6284	None	July 3, 2024, 11:15 p.m.	UNKNOWN	CWE-20 cve-coordination@google.com 2024-07-03 CVE-2024-6284

» Click here to see all Vulnerabilities «

Tag : 2024-07-03