SecuriTricks - 2024-09-12

Attack Reports

Title	Published	Tags	Description	Number of indicators
DragonRank, a Chinese-speaking SEO manipulator service provider	Sept. 12, 2024, 9:27 p.m.	plugx black mimikatz badpotato metasploit 2024-09-12 illusion dragonrank plugx loader badiis malware c cd	Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operatin…	35
Phishing Via Typosquatting and Brand Impersonation: Trends and Tactics	Sept. 12, 2024, 8:23 a.m.	phishing typosquatting credential theft scams domain abuse 2024-09-12 brand impersonation certificate abuse	From February to July 2024, an analysis of over 500 popular domains revealed more than 10,000 malicious lookalike domains employi…	10
Targeted Iranian Attacks Against Iraqi Government Infrastructure	Sept. 12, 2024, 8:21 a.m.	backdoor iran government dns tunneling infrastructure 2024-09-12 spearal email c2 veaty cachehttp iis module iraq	Check Point Research uncovered a new malware campaign targeting Iraqi government entities, employing custom tools named Veaty and…	16
19 Websites Identified as Part of an Iranian Global Influence Operation	Sept. 12, 2024, 8:19 a.m.	disinformation 2024-09-12 election interference influence operation political manipulation	An investigation has uncovered a network of 19 websites created by Iran as part of a global influence operation. These sites, pre…	19

» Click here to see all Attack Reports «

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-8522	10.0	Sept. 12, 2024, 9:15 a.m.	LearnPress - WordPress LMS Plugin	security@wordfence.com CWE-89 2024-09-12 CVE-2024-8522
CVE-2024-8529	10.0	Sept. 12, 2024, 9:15 a.m.	LearnPress - WordPress LMS Plugin	security@wordfence.com CWE-89 2024-09-12 CVE-2024-8529
CVE-2024-29847	9.8	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-502 support@hackerone.com 2024-09-12 CVE-2024-29847
CVE-2024-45824	9.8	Sept. 12, 2024, 2:16 p.m.	UNKNOWN	CWE-77 PSIRT@rockwellautomation.com 2024-09-12 CVE-2024-45824
CVE-2024-40457	9.1	Sept. 12, 2024, 2:16 p.m.	No-IP Dynamic Update Client (DUC) v3.x	cve@mitre.org CWE-313 2024-09-12 CVE-2024-40457
CVE-2024-45856	9.0	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	CWE-79 6f8de1f0-f67e-45a6-b68f-98777fdb759c 2024-09-12 CVE-2024-45856
CVE-2024-28991	9.0	Sept. 12, 2024, 2:16 p.m.	SolarWinds Access Rights Manager (ARM)	CWE-502 psirt@solarwinds.com 2024-09-12 CVE-2024-28991
CVE-2024-8749	8.8	Sept. 12, 2024, 12:15 p.m.	idoit pro	CWE-89 cve-coordination@incibe.es 2024-09-12 CVE-2024-8749
CVE-2024-45846	8.8	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	6f8de1f0-f67e-45a6-b68f-98777fdb759c CWE-95 2024-09-12 CVE-2024-45846
CVE-2024-45847	8.8	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	6f8de1f0-f67e-45a6-b68f-98777fdb759c CWE-95 2024-09-12 CVE-2024-45847
CVE-2024-45848	8.8	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	6f8de1f0-f67e-45a6-b68f-98777fdb759c CWE-95 2024-09-12 CVE-2024-45848
CVE-2024-45849	8.8	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	6f8de1f0-f67e-45a6-b68f-98777fdb759c CWE-95 2024-09-12 CVE-2024-45849
CVE-2024-45850	8.8	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	6f8de1f0-f67e-45a6-b68f-98777fdb759c CWE-95 2024-09-12 CVE-2024-45850
CVE-2024-45851	8.8	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	6f8de1f0-f67e-45a6-b68f-98777fdb759c CWE-95 2024-09-12 CVE-2024-45851
CVE-2024-45852	8.8	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	CWE-502 6f8de1f0-f67e-45a6-b68f-98777fdb759c 2024-09-12 CVE-2024-45852
CVE-2024-28981	8.5	Sept. 12, 2024, 12:15 a.m.	Hitachi Vantara Pentaho Data Integration & Analytics	CWE-522 2024-09-12 CVE-2024-28981 security.vulnerabilities@hitachivantara.com
CVE-2024-6658	8.4	Sept. 12, 2024, 3:18 p.m.	LoadMaster	CWE-20 security@progress.com 2024-09-12 CVE-2024-6658
CVE-2024-37397	8.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-200 support@hackerone.com 2024-09-12 CVE-2024-37397
CVE-2024-45823	8.1	Sept. 12, 2024, 3:18 p.m.	UNKNOWN	CWE-287 PSIRT@rockwellautomation.com 2024-09-12 CVE-2024-45823
CVE-2024-27320	7.8	Sept. 12, 2024, 1:15 p.m.	Refuel Autolabel library	6f8de1f0-f67e-45a6-b68f-98777fdb759c CWE-95 2024-09-12 CVE-2024-27320
CVE-2024-27321	7.8	Sept. 12, 2024, 1:15 p.m.	Refuel Autolabel library	6f8de1f0-f67e-45a6-b68f-98777fdb759c CWE-95 2024-09-12 CVE-2024-27321
CVE-2024-45857	7.8	Sept. 12, 2024, 1:15 p.m.	Cleanlab project	CWE-502 6f8de1f0-f67e-45a6-b68f-98777fdb759c 2024-09-12 CVE-2024-45857
CVE-2024-6510	7.8	Sept. 12, 2024, 3:18 p.m.	AVG Internet Security	CWE-427 a341c0d1-ebf7-493f-a84e-38cf86618674 2024-09-12 CVE-2024-6510
CVE-2021-22532	7.6	Sept. 12, 2024, 1:15 p.m.	OpenText eDirectory	security@opentext.com CWE-770 2024-09-12 CVE-2021-22532
CVE-2024-45624	7.5	Sept. 12, 2024, 5:15 a.m.	Pgpool-II	CWE-200 vultures@jpcert.or.jp 2024-09-12 CVE-2024-45624
CVE-2024-45825	7.5	Sept. 12, 2024, 3:18 p.m.	Rockwell Automation products	CWE-20 PSIRT@rockwellautomation.com 2024-09-12 CVE-2024-45825
CVE-2021-38133	7.4	Sept. 12, 2024, 1:15 p.m.	OpenText eDirectory	security@opentext.com CWE-521 2024-09-12 CVE-2021-38133
CVE-2024-32840	7.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-89 support@hackerone.com 2024-09-12 CVE-2024-32840
CVE-2024-32842	7.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-89 support@hackerone.com 2024-09-12 CVE-2024-32842
CVE-2024-32843	7.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-89 support@hackerone.com 2024-09-12 CVE-2024-32843
CVE-2024-32845	7.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-89 support@hackerone.com 2024-09-12 CVE-2024-32845
CVE-2024-32846	7.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-89 support@hackerone.com 2024-09-12 CVE-2024-32846
CVE-2024-32848	7.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-89 support@hackerone.com 2024-09-12 CVE-2024-32848
CVE-2024-34779	7.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-89 support@hackerone.com 2024-09-12 CVE-2024-34779
CVE-2024-34783	7.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-89 support@hackerone.com 2024-09-12 CVE-2024-34783
CVE-2024-34785	7.2	Sept. 12, 2024, 2:15 a.m.	Ivanti EPM	CWE-89 support@hackerone.com 2024-09-12 CVE-2024-34785
CVE-2024-7766	7.2	Sept. 12, 2024, 6:15 a.m.	Adicon Server WordPress plugin	contact@wpscan.com 2024-09-12 CVE-2024-7766
CVE-2024-45853	7.1	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	CWE-502 6f8de1f0-f67e-45a6-b68f-98777fdb759c 2024-09-12 CVE-2024-45853
CVE-2024-45854	7.1	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	CWE-502 6f8de1f0-f67e-45a6-b68f-98777fdb759c 2024-09-12 CVE-2024-45854
CVE-2024-45855	7.1	Sept. 12, 2024, 1:15 p.m.	MindsDB platform	CWE-502 6f8de1f0-f67e-45a6-b68f-98777fdb759c 2024-09-12 CVE-2024-45855
CVE-2024-45826	6.8	Sept. 12, 2024, 3:18 p.m.	ThinManager	CWE-610 PSIRT@rockwellautomation.com 2024-09-12 CVE-2024-45826
CVE-2024-38222	6.5	Sept. 12, 2024, 3:15 a.m.	Microsoft Edge (Chromium-based)	CWE-276 secure@microsoft.com 2024-09-12 CVE-2024-38222
CVE-2024-7817	6.5	Sept. 12, 2024, 6:15 a.m.	Misiek Photo Album WordPress plugin	contact@wpscan.com CWE-352 2024-09-12 CVE-2024-7817
CVE-2024-7859	6.5	Sept. 12, 2024, 6:15 a.m.	Visual Sound WordPress plugin	contact@wpscan.com CWE-352 2024-09-12 CVE-2024-7859
CVE-2021-22533	6.5	Sept. 12, 2024, 1:15 p.m.	OpenText eDirectory	security@opentext.com CWE-532 2024-09-12 CVE-2021-22533
CVE-2024-42483	6.5	Sept. 12, 2024, 3:18 p.m.	ESP32	security-advisories@github.com CWE-349 2024-09-12 CVE-2024-42483
CVE-2024-42484	6.5	Sept. 12, 2024, 3:18 p.m.	ESP-NOW Component	security-advisories@github.com CWE-125 2024-09-12 CVE-2024-42484
CVE-2024-4660	6.5	Sept. 12, 2024, 5:15 p.m.	GitLab EE	CWE-862 cve@gitlab.com 2024-09-12 CVE-2024-4660
CVE-2024-4612	6.4	Sept. 12, 2024, 5:15 p.m.	GitLab EE	CWE-601 cve@gitlab.com 2024-09-12 CVE-2024-4612
CVE-2024-8709	6.3	Sept. 12, 2024, 3:15 a.m.	SourceCodester Best House Rental Management System	CWE-89 cna@vuldb.com 2024-09-12 CVE-2024-8709
CVE-2024-8710	6.3	Sept. 12, 2024, 3:15 a.m.	Inventory Management	CWE-89 cna@vuldb.com 2024-09-12 CVE-2024-8710
CVE-2024-28990	6.3	Sept. 12, 2024, 2:16 p.m.	SolarWinds Access Rights Manager (ARM)	CWE-798 psirt@solarwinds.com 2024-09-12 CVE-2024-28990
CVE-2024-6017	6.1	Sept. 12, 2024, 6:15 a.m.	Music Request Manager WordPress plugin	contact@wpscan.com 2024-09-12 CVE-2024-6017
CVE-2024-6018	6.1	Sept. 12, 2024, 6:15 a.m.	Music Request Manager WordPress plugin	contact@wpscan.com 2024-09-12 CVE-2024-6018
CVE-2024-6019	6.1	Sept. 12, 2024, 6:15 a.m.	Music Request Manager WordPress plugin	contact@wpscan.com 2024-09-12 CVE-2024-6019
CVE-2024-7816	6.1	Sept. 12, 2024, 6:15 a.m.	Gixaw Chat WordPress plugin	contact@wpscan.com 2024-09-12 CVE-2024-7816
CVE-2024-7818	6.1	Sept. 12, 2024, 6:15 a.m.	Misiek Photo Album WordPress plugin	CWE-79 contact@wpscan.com 2024-09-12 CVE-2024-7818
CVE-2024-7822	6.1	Sept. 12, 2024, 6:15 a.m.	Quick Code WordPress plugin	CWE-79 contact@wpscan.com 2024-09-12 CVE-2024-7822
CVE-2024-7860	6.1	Sept. 12, 2024, 6:15 a.m.	Simple Headline Rotator WordPress plugin	CWE-79 contact@wpscan.com 2024-09-12 CVE-2024-7860
CVE-2024-7861	6.1	Sept. 12, 2024, 6:15 a.m.	Misiek Paypal WordPress plugin	CWE-79 contact@wpscan.com 2024-09-12 CVE-2024-7861
CVE-2024-8054	6.1	Sept. 12, 2024, 6:15 a.m.	MM-Breaking News WordPress plugin	CWE-79 contact@wpscan.com 2024-09-12 CVE-2024-8054
CVE-2024-8056	6.1	Sept. 12, 2024, 6:15 a.m.	MM-Breaking News WordPress plugin	contact@wpscan.com 2024-09-12 CVE-2024-8056
CVE-2024-8622	6.1	Sept. 12, 2024, 9:15 a.m.	amCharts: Charts and Maps plugin for WordPress	CWE-79 security@wordfence.com 2024-09-12 CVE-2024-8622
CVE-2021-22518	5.8	Sept. 12, 2024, 1:15 p.m.	OpenText Identity Manager AzureAD Driver	security@opentext.com CWE-532 2024-09-12 CVE-2021-22518
CVE-2024-6700	5.5	Sept. 12, 2024, 3:18 p.m.	Pega Platform	CWE-79 2024-09-12 CVE-2024-6700 security@pega.com
CVE-2024-6701	5.5	Sept. 12, 2024, 3:18 p.m.	Pega Platform	CWE-79 2024-09-12 security@pega.com CVE-2024-6701
CVE-2024-8750	5.4	Sept. 12, 2024, 12:15 p.m.	idoit pro	CWE-79 cve-coordination@incibe.es 2024-09-12 CVE-2024-8750
CVE-2021-22503	5.4	Sept. 12, 2024, 1:15 p.m.	eDirectory	CWE-79 security@opentext.com 2024-09-12 CVE-2021-22503
CVE-2021-38131	5.4	Sept. 12, 2024, 1:15 p.m.	eDirectory	CWE-79 security@opentext.com 2024-09-12 CVE-2021-38131
CVE-2024-8711	5.3	Sept. 12, 2024, 4:15 a.m.	SourceCodester Food Ordering Management System	cna@vuldb.com CWE-548 2024-09-12 CVE-2024-8711
CVE-2021-38132	5.3	Sept. 12, 2024, 1:15 p.m.	eDirectory	security@opentext.com CWE-918 2024-09-12 CVE-2021-38132
CVE-2024-2743	5.3	Sept. 12, 2024, 5:15 p.m.	GitLab-EE	CWE-863 cve@gitlab.com 2024-09-12 CVE-2024-2743
CVE-2024-6702	5.2	Sept. 12, 2024, 3:18 p.m.	Pega Platform	CWE-74 2024-09-12 security@pega.com CVE-2024-6702
CVE-2022-26322	4.9	Sept. 12, 2024, 1:15 p.m.	OpenText Identity Manager REST Driver	security@opentext.com CWE-532 2024-09-12 CVE-2022-26322
CVE-2024-5799	4.8	Sept. 12, 2024, 6:15 a.m.	CM Pop-Up Banners for WordPress plugin	contact@wpscan.com 2024-09-12 CVE-2024-5799
CVE-2024-6887	4.8	Sept. 12, 2024, 6:15 a.m.	Giveaways and Contests by RafflePress WordPress plugin	contact@wpscan.com 2024-09-12 CVE-2024-6887
CVE-2024-5435	4.5	Sept. 12, 2024, 5:15 p.m.	GitLab	CWE-209 cve@gitlab.com 2024-09-12 CVE-2024-5435
CVE-2024-8706	4.3	Sept. 12, 2024, 12:15 a.m.	JFinalCMS	CWE-22 cna@vuldb.com 2024-09-12 CVE-2024-8706
CVE-2024-8707	4.3	Sept. 12, 2024, 1:15 a.m.	云课网络科技有限公司 Yunke Online School System	CWE-22 cna@vuldb.com 2024-09-12 CVE-2024-8707
CVE-2024-3163	4.3	Sept. 12, 2024, 6:15 a.m.	Easy Property Listings WordPress plugin	contact@wpscan.com CWE-352 2024-09-12 CVE-2024-3163
CVE-2024-7820	4.3	Sept. 12, 2024, 6:15 a.m.	ILC Thickbox WordPress plugin	contact@wpscan.com CWE-352 2024-09-12 CVE-2024-7820
CVE-2024-7862	4.3	Sept. 12, 2024, 6:15 a.m.	blogintroduction-wordpress-plugin	contact@wpscan.com CWE-352 2024-09-12 CVE-2024-7862
CVE-2024-6389	4.3	Sept. 12, 2024, 5:15 p.m.	GitLab-CE/EE	cve@gitlab.com CWE-497 2024-09-12 CVE-2024-6389
CVE-2024-8708	3.5	Sept. 12, 2024, 2:15 a.m.	SourceCodester Best House Rental Management System	CWE-79 cna@vuldb.com 2024-09-12 CVE-2024-8708
CVE-2024-6446	3.5	Sept. 12, 2024, 5:15 p.m.	GitLab	cve@gitlab.com CWE-840 2024-09-12 CVE-2024-6446
CVE-2024-2010	None	Sept. 12, 2024, 9:15 a.m.	TE Informatics	CWE-80 iletisim@usom.gov.tr 2024-09-12 CVE-2024-2010
CVE-2024-3305	None	Sept. 12, 2024, 1:15 p.m.	SoliClub	CWE-200 iletisim@usom.gov.tr 2024-09-12 CVE-2024-3305
CVE-2024-3306	None	Sept. 12, 2024, 1:15 p.m.	SoliClub	CWE-639 iletisim@usom.gov.tr 2024-09-12 CVE-2024-3306

» Click here to see all Vulnerabilities «

Tag : 2024-09-12