SecuriTricks - 2024-07-24

Title	Published	Tags	Description	Number of indicators
The tapestry of threats targeting Hamster Kombat players	July 24, 2024, 8:45 p.m.	android spyware 2024-07-24	This analysis delves into the various malicious threats capitalizing on the immense popularity of the Hamster Kombat mobile game.…	26
Stargazers Ghost Network	July 24, 2024, 5:04 p.m.	infostealers 2024-07-24 botnets	Check Point Research identified a sophisticated network of GitHub accounts distributing malware through malicious repositories. T…	37
Malware Analysis - Accelerating Analysis When It Matters	July 24, 2024, 4:57 p.m.	2024-07-24 malware analysis	This report provides information on how security professionals can expedite the analysis of multiple malware samples. By utilizin…	28
Fake update puts visitors at risk	July 24, 2024, 8:09 a.m.	malware cobalt strike zloader lumma stealer socgholish wordpress downloader redline stealer 2024-07-24 netsupport rat egregor ryuk fake update badspace	This intelligence report discusses SocGholish, a JavaScript downloader used by threat actors to deliver malware payloads disguise…	10
Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer	July 24, 2024, 8:06 a.m.	impersonation stealer exfiltration credential 2024-07-24 daolpu malicious-document	An intelligence report outlines a campaign where an unidentified threat actor impersonated a Microsoft recovery manual through a …	6
Exploiting CVE-2024-21412: A Stealer Campaign Unleashed	July 24, 2024, 8:02 a.m.	malware evasion windows stealer CVE-2024-21412 injection pdf meduza stealer 2024-07-24 acr stealer	This report details a malicious campaign exploiting the CVE-2024-21412 vulnerability in Microsoft Windows SmartScreen to bypass s…	27

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-6327	9.9	July 24, 2024, 2:15 p.m.	Progress Telerik Report Server	security@progress.com CWE-502 2024-07-24 CVE-2024-6327
CVE-2024-41110	9.9	July 24, 2024, 5:15 p.m.	Docker Engine	security-advisories@github.com CWE-187 2024-07-24 CVE-2024-41110
CVE-2023-45249	9.8	July 24, 2024, 2:15 p.m.	Acronis Cyber Infrastructure (ACI)	security@acronis.com 2024-07-24 CVE-2023-45249 CWE-1393
CVE-2024-6756	8.8	July 24, 2024, 3:15 a.m.	Social Auto Poster plugin for WordPress	security@wordfence.com CWE-434 2024-07-24 CVE-2024-6756
CVE-2024-6096	8.8	July 24, 2024, 2:15 p.m.	Telerik Reporting	security@progress.com CWE-470 2024-07-24 CVE-2024-6096
CVE-2024-41667	8.8	July 24, 2024, 6:15 p.m.	OpenAM	security-advisories@github.com CWE-94 2024-07-24 CVE-2024-41667
CVE-2024-41662	8.6	July 24, 2024, 5:15 p.m.	VNote	security-advisories@github.com CWE-79 2024-07-24 CVE-2024-41662
CVE-2024-41914	8.1	July 24, 2024, 3:15 p.m.	EdgeConnect SD-WAN Orchestrator	security-alert@hpe.com 2024-07-24 CVE-2024-41914
CVE-2024-41672	7.5	July 24, 2024, 6:15 p.m.	DuckDB	security-advisories@github.com CWE-200 2024-07-24 CVE-2024-41672
CVE-2024-6750	7.3	July 24, 2024, 3:15 a.m.	Social Auto Poster plugin for WordPress	security@wordfence.com CWE-862 2024-07-24 CVE-2024-6750
CVE-2024-7027	7.3	July 24, 2024, 3:15 a.m.	WooCommerce - PDF Vouchers plugin for WordPress	security@wordfence.com CWE-288 2024-07-24 CVE-2024-7027
CVE-2024-7066	7.3	July 24, 2024, 11:15 a.m.	F-logic DataCube3	CWE-78 cna@vuldb.com 2024-07-24 CVE-2024-7066
CVE-2024-6753	7.2	July 24, 2024, 3:15 a.m.	Social Auto Poster plugin for WordPress	CWE-79 security@wordfence.com 2024-07-24 CVE-2024-6753
CVE-2024-22443	7.2	July 24, 2024, 3:15 p.m.	EdgeConnect SD-WAN Orchestrator	security-alert@hpe.com 2024-07-24 CVE-2024-22443
CVE-2024-33519	7.2	July 24, 2024, 8:15 p.m.	HPE Aruba Networking EdgeConnect SD-WAN gateway	security-alert@hpe.com 2024-07-24 CVE-2024-33519
CVE-2024-41133	7.2	July 24, 2024, 8:15 p.m.	HPE Aruba Networking EdgeConnect SD-WAN gateway	security-alert@hpe.com 2024-07-24 CVE-2024-41133
CVE-2024-41134	7.2	July 24, 2024, 8:15 p.m.	HPE Aruba Networking EdgeConnect SD-WAN gateway	security-alert@hpe.com 2024-07-24 CVE-2024-41134
CVE-2024-41135	7.2	July 24, 2024, 8:15 p.m.	HPE Aruba Networking EdgeConnect SD-WAN gateway	security-alert@hpe.com 2024-07-24 CVE-2024-41135
CVE-2024-41136	6.8	July 24, 2024, 9:15 p.m.	HPE Aruba Networking EdgeConnect SD-WAN gateways	security-alert@hpe.com 2024-07-24 CVE-2024-41136
CVE-2024-6755	6.5	July 24, 2024, 3:15 a.m.	Social Auto Poster plugin for WordPress	security@wordfence.com CWE-862 2024-07-24 CVE-2024-6755
CVE-2024-3297	6.5	July 24, 2024, 8:15 a.m.	Matter protocol	CWE-400 cve-requests@bitdefender.com 2024-07-24 CVE-2024-3297
CVE-2024-6752	6.4	July 24, 2024, 3:15 a.m.	Social Auto Poster plugin for WordPress	CWE-79 security@wordfence.com 2024-07-24 CVE-2024-6752
CVE-2024-6629	6.4	July 24, 2024, 7:15 a.m.	All-in-One Video Gallery plugin for WordPress	CWE-79 security@wordfence.com 2024-07-24 CVE-2024-6629
CVE-2024-6930	6.4	July 24, 2024, 8:15 a.m.	WP Booking Calendar plugin	CWE-79 security@wordfence.com 2024-07-24 CVE-2024-6930
CVE-2024-6896	6.4	July 24, 2024, 11:15 a.m.	AMP for WP - Accelerated Mobile Pages plugin	CWE-79 security@wordfence.com 2024-07-24 CVE-2024-6896
CVE-2024-3896	6.4	July 24, 2024, 1:15 p.m.	Rbs Image Gallery plugin for WordPress	CWE-79 security@wordfence.com 2024-07-24 CVE-2024-3896
CVE-2024-5818	6.4	July 24, 2024, 1:15 p.m.	Royal Elementor Addons and Templates plugin for WordPress	CWE-79 security@wordfence.com 2024-07-24 CVE-2024-5818
CVE-2024-6751	6.3	July 24, 2024, 3:15 a.m.	Social Auto Poster plugin for WordPress	security@wordfence.com CWE-352 2024-07-24 CVE-2024-6751
CVE-2024-7067	6.3	July 24, 2024, 2:15 p.m.	Ecommerce-Laravel-Bootstrap	CWE-502 cna@vuldb.com 2024-07-24 CVE-2024-7067
CVE-2024-7069	6.3	July 24, 2024, 4:15 p.m.	SourceCodester Employee and Visitor Gate Pass Logging System	CWE-89 cna@vuldb.com 2024-07-24 CVE-2024-7069
CVE-2024-7081	6.3	July 24, 2024, 9:15 p.m.	Tailoring Management System	CWE-89 cna@vuldb.com 2024-07-24 CVE-2024-7081
CVE-2024-3246	6.1	July 24, 2024, 4:15 a.m.	LiteSpeed Cache plugin for WordPress	security@wordfence.com CWE-352 2024-07-24 CVE-2024-3246
CVE-2024-22444	6.1	July 24, 2024, 4:15 p.m.	EdgeConnect SD-WAN Orchestrator	security-alert@hpe.com 2024-07-24 CVE-2024-22444
CVE-2023-32471	6.0	July 24, 2024, 8:15 a.m.	Dell Edge Gateway BIOS	security_alert@emc.com CWE-125 2024-07-24 CVE-2023-32471
CVE-2023-32466	5.7	July 24, 2024, 7:15 a.m.	Dell Edge Gateway BIOS	security_alert@emc.com CWE-787 2024-07-24 CVE-2023-32466
CVE-2024-6754	5.4	July 24, 2024, 3:15 a.m.	Social Auto Poster plugin for WordPress	security@wordfence.com CWE-862 2024-07-24 CVE-2024-6754
CVE-2024-7079	5.4	July 24, 2024, 4:15 p.m.	Openshift console	secalert@redhat.com CWE-306 2024-07-24 CVE-2024-7079
CVE-2024-5861	5.3	July 24, 2024, 4:15 a.m.	WP EasyPay - Square for WordPress plugin	security@wordfence.com CWE-862 2024-07-24 CVE-2024-5861
CVE-2024-6553	5.3	July 24, 2024, 7:15 a.m.	WP Meteor Website Speed Optimization Addon plugin	CWE-200 security@wordfence.com 2024-07-24 CVE-2024-6553
CVE-2024-6571	5.3	July 24, 2024, 7:15 a.m.	Optimize Images ALT Text (alt tag) & names for SEO using AI plugin for WordPress	CWE-200 security@wordfence.com 2024-07-24 CVE-2024-6571
CVE-2024-7080	5.3	July 24, 2024, 8:15 p.m.	SourceCodester Insurance Management System	cna@vuldb.com CWE-425 2024-07-24 CVE-2024-7080
CVE-2024-41666	4.7	July 24, 2024, 6:15 p.m.	Argo CD	security-advisories@github.com CWE-269 2024-07-24 CVE-2024-41666
CVE-2024-6836	4.3	July 24, 2024, 6:15 a.m.	Funnel Builder for WordPress by FunnelKit	security@wordfence.com CWE-862 2024-07-24 CVE-2024-6836
CVE-2024-7065	4.3	July 24, 2024, 10:15 a.m.	Spina CMS	CWE-352 cna@vuldb.com 2024-07-24 CVE-2024-7065
CVE-2024-3454	3.5	July 24, 2024, 8:15 a.m.	Connectivity Standards Alliance Matter protocol	CWE-209 cve-requests@bitdefender.com 2024-07-24 CVE-2024-3454
CVE-2024-7068	3.5	July 24, 2024, 3:15 p.m.	SourceCodester Insurance Management System	CWE-79 cna@vuldb.com 2024-07-24 CVE-2024-7068
CVE-2024-21684	3.1	July 24, 2024, 6:15 p.m.	Bitbucket Data Center	security@atlassian.com 2024-07-24 CVE-2024-21684
CVE-2024-37533	2.4	July 24, 2024, 6:15 p.m.	IBM InfoSphere Information Server	psirt@us.ibm.com CWE-359 2024-07-24 CVE-2024-37533
CVE-2024-40767	None	July 24, 2024, 5:15 a.m.	OpenStack Nova	cve@mitre.org 2024-07-24 CVE-2024-40767
CVE-2024-6094	None	July 24, 2024, 6:15 a.m.	WP ULike WordPress plugin	contact@wpscan.com 2024-07-24 CVE-2024-6094
CVE-2023-48362	None	July 24, 2024, 8:15 a.m.	Apache Drill	CWE-611 security@apache.org 2024-07-24 CVE-2023-48362
CVE-2024-39676	None	July 24, 2024, 8:15 a.m.	Apache Pinot	CWE-200 security@apache.org 2024-07-24 CVE-2024-39676
CVE-2024-6197	None	July 24, 2024, 8:15 a.m.	libcurl	2024-07-24 CVE-2024-6197 2499f714-1537-4658-8207-48ae4bb9eae9
CVE-2024-6874	None	July 24, 2024, 8:15 a.m.	libcurl	2024-07-24 2499f714-1537-4658-8207-48ae4bb9eae9 CVE-2024-6874
CVE-2024-31971	None	July 24, 2024, 3:15 p.m.	AdTran NetVanta 3120	cve@mitre.org 2024-07-24 CVE-2024-31971
CVE-2024-31977	None	July 24, 2024, 3:15 p.m.	Adtran 834-5	cve@mitre.org 2024-07-24 CVE-2024-31977
CVE-2024-39345	None	July 24, 2024, 3:15 p.m.	AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices	cve@mitre.org 2024-07-24 CVE-2024-39345
CVE-2024-31970	None	July 24, 2024, 4:15 p.m.	AdTran SRG 834-5 HDC17600021F1 devices	cve@mitre.org 2024-07-24 CVE-2024-31970
CVE-2024-36541	None	July 24, 2024, 4:15 p.m.	logging-operator	cve@mitre.org 2024-07-24 CVE-2024-36541
CVE-2024-40422	None	July 24, 2024, 4:15 p.m.	stitionai devika v1	cve@mitre.org 2024-07-24 CVE-2024-40422
CVE-2024-40575	None	July 24, 2024, 4:15 p.m.	Huawei Technologies opengauss	cve@mitre.org 2024-07-24 CVE-2024-40575
CVE-2024-36539	None	July 24, 2024, 5:15 p.m.	contour	cve@mitre.org 2024-07-24 CVE-2024-36539
CVE-2024-36540	None	July 24, 2024, 5:15 p.m.	external-secrets	cve@mitre.org 2024-07-24 CVE-2024-36540
CVE-2024-36536	None	July 24, 2024, 7:15 p.m.	fabedge	cve@mitre.org 2024-07-24 CVE-2024-36536
CVE-2024-36537	None	July 24, 2024, 7:15 p.m.	cert-manager	cve@mitre.org 2024-07-24 CVE-2024-36537
CVE-2024-36538	None	July 24, 2024, 7:15 p.m.	Chaos Mesh	cve@mitre.org 2024-07-24 CVE-2024-36538
CVE-2024-40137	None	July 24, 2024, 7:15 p.m.	Dolibarr ERP CRM	cve@mitre.org 2024-07-24 CVE-2024-40137
CVE-2024-40495	None	July 24, 2024, 7:15 p.m.	Linksys Router E2500	cve@mitre.org 2024-07-24 CVE-2024-40495
CVE-2024-36533	None	July 24, 2024, 8:15 p.m.	volcano	cve@mitre.org 2024-07-24 CVE-2024-36533
CVE-2024-36534	None	July 24, 2024, 8:15 p.m.	hwameistor	cve@mitre.org 2024-07-24 CVE-2024-36534
CVE-2024-36535	None	July 24, 2024, 8:15 p.m.	meshery	cve@mitre.org 2024-07-24 CVE-2024-36535
CVE-2024-41550	None	July 24, 2024, 8:15 p.m.	CampCodes Supplier Management System	cve@mitre.org 2024-07-24 CVE-2024-41550
CVE-2024-41551	None	July 24, 2024, 8:15 p.m.	CampCodes Supplier Management System	cve@mitre.org 2024-07-24 CVE-2024-41551
CVE-2024-41459	None	July 24, 2024, 9:15 p.m.	Tenda FH1201	cve@mitre.org 2024-07-24 CVE-2024-41459
CVE-2024-41460	None	July 24, 2024, 9:15 p.m.	Tenda FH1201	cve@mitre.org 2024-07-24 CVE-2024-41460
CVE-2024-41461	None	July 24, 2024, 9:15 p.m.	Tenda FH1201	cve@mitre.org 2024-07-24 CVE-2024-41461
CVE-2024-41462	None	July 24, 2024, 9:15 p.m.	Tenda FH1201	cve@mitre.org 2024-07-24 CVE-2024-41462
CVE-2024-41463	None	July 24, 2024, 9:15 p.m.	Tenda FH1201	cve@mitre.org 2024-07-24 CVE-2024-41463
CVE-2024-41464	None	July 24, 2024, 9:15 p.m.	Tenda FH1201	cve@mitre.org 2024-07-24 CVE-2024-41464
CVE-2024-41465	None	July 24, 2024, 9:15 p.m.	Tenda FH1201	cve@mitre.org 2024-07-24 CVE-2024-41465
CVE-2024-41466	None	July 24, 2024, 9:15 p.m.	Tenda FH1201	cve@mitre.org 2024-07-24 CVE-2024-41466

» Click here to see all Vulnerabilities «

Tag : 2024-07-24

Attack Reports

Vulnerabilities