Tag: 2024-12-24

2 Attack Reports | 61 Vulnerabilities

Attack reports

More SSH Fun!

A Windows batch file has been discovered that abuses the ssh.exe tool in modern Windows versions to create a backdoor. The script adds a registry entry for persistence and uses SSH to set up a reverse tunnel, allowing remote access. It also downloads and executes a malicious file using a Dev Tunnel…
ssh
2024-12-24
dev tunnels
Published: December 24, 2024
Downloadable IOCs: 2

Analyzing Malicious Intent in Python Code: A Case Study

Two malicious packages, Zebo-0.1.0 and Cometlogger-0.1, were identified by an AI-driven OSS malware detection system. These packages contain Python scripts designed for surveillance, data exfiltration, and unauthorized control. Zebo-0.1.0 uses obfuscation techniques, keylogging, screen capturing, a…
python
2024-12-24
zebo-0.1.0
cometlogger-0.1
Published: December 24, 2024
Downloadable IOCs: 3
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-43441

9.8
    Apache HugeGraph-Server
  • Version(s): 1.0.0 - 1.5.0
Published: December 24, 2024

CVE-2024-12594

8.8
    Custom Login Page Styler plugin for WordPress
  • Version(s): up to 7.1.1
Published: December 24, 2024

CVE-2024-12881

8.8
    WordPress PlugVersions plugin
  • Version(s): up to 0.0.7
Published: December 24, 2024

CVE-2019-2483

8.2
    Oracle E-Business Suite
  • Version(s): 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7, 12.2.8
Published: December 24, 2024

CVE-2024-47515

8.1
    Pagure
Published: December 24, 2024

CVE-2024-12744

8.0
    Amazon Redshift JDBC Driver
  • Version(s): 2.1.0.31
Published: December 24, 2024

CVE-2024-12745

8.0
    Amazon Redshift Python Connector
  • Version(s): 2.1.4
Published: December 24, 2024

CVE-2024-12746

8.0
    Amazon Redshift ODBC Driver
  • Version(s): 2.1.5.0
Published: December 24, 2024

CVE-2024-53156

7.8
    Linux
  • Linux Kernel
Published: December 24, 2024

CVE-2024-12582

7.1
    skupper console
Published: December 24, 2024

CVE-2024-53150

7.1
    Linux
  • Linux Kernel
Published: December 24, 2024

CVE-2024-53155

7.1
    Linux
  • Linux Kernel
Published: December 24, 2024

CVE-2022-21505

6.7
    Linux Kernel
Published: December 24, 2024

CVE-2024-12266

6.5
    ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress
  • Version(s): up to 2.1.7
Published: December 24, 2024

CVE-2024-12031

6.5
    Advanced Floating Content plugin for WordPress
  • Version(s): up to 3.8.2
Published: December 24, 2024

CVE-2024-10856

6.5
    Booking Calendar WpDevArt plugin
  • Version(s): up to 3.2.19
Published: December 24, 2024

CVE-2024-11726

6.5
    Appointment Booking Calendar Plugin and Scheduling Plugin - BookingPress plugin for WordPress
  • Version(s): up to 1.1.21
Published: December 24, 2024

CVE-2024-12507

6.4
    Optio Dentistry plugin for WordPress
  • Version(s): up to 2.1
Published: December 24, 2024

CVE-2024-12518

6.4
    ShMapper by Teplitsa plugin for WordPress
  • Version(s): up to 1.4.18
Published: December 24, 2024

CVE-2024-11885

6.4
    NinjaTeam Chat for Telegram plugin for WordPress
  • Version(s): up to 1.0
Published: December 24, 2024

CVE-2024-12622

6.4
    WordPress Simple Shopping Cart plugin
  • Version(s): up to 5.0.7
Published: December 24, 2024

CVE-2024-12814

6.4
    Loan Comparison plugin for WordPress
  • Version(s): up to 2.0
Published: December 24, 2024

CVE-2024-11896

6.4
    Text Prompter plugin for WordPress
  • Version(s): up to 1.0.7
Published: December 24, 2024

CVE-2024-8721

6.4
    WordPress Tracking Code Manager plugin
  • Version(s): up to 2.3.0
Published: December 24, 2024

CVE-2024-12268

6.4
    Responsive Blocks - WordPress Gutenberg Blocks plugin
  • Version(s): up to 1.9.7
Published: December 24, 2024

CVE-2024-12710

6.1
    WP-Appbox plugin for WordPress
  • Version(s): up to 4.5.3
Published: December 24, 2024

CVE-2024-12096

6.1
    Exhibit to WP Gallery WordPress plugin
  • Version(s): 0.0.2
Published: December 24, 2024

CVE-2024-12100

6.1
    Bitcoin Lightning Publisher for WordPress plugin
  • Version(s): up to 1.4.1
Published: December 24, 2024

CVE-2024-12405

6.1
    Export Customers Data plugin for WordPress
  • Version(s): up to 1.2.3
Published: December 24, 2024

CVE-2024-12468

6.1
    WP Datepicker plugin for WordPress
  • Version(s): up to 2.1.4
Published: December 24, 2024

CVE-2024-53145

5.5
    Linux
  • Linux Kernel
Published: December 24, 2024

CVE-2024-53146

5.5
    Linux
  • Linux Kernel
Published: December 24, 2024

CVE-2024-53151

5.5
    Linux
  • Linux Kernel
Published: December 24, 2024

CVE-2024-53154

5.5
    Linux
  • Linux Kernel
Published: December 24, 2024

CVE-2024-53157

5.5
    Linux
  • Linux Kernel
Published: December 24, 2024

CVE-2024-9427

5.4
    Koji
Published: December 24, 2024

CVE-2024-12617

5.4
    WC Price History for Omnibus plugin for WordPress
  • Version(s): up to 2.1.3
Published: December 24, 2024

CVE-2024-10584

5.4
    DirectoryPress - Business Directory And Classified Ad Listing plugin for WordPress
  • Version(s): up to 3.6.16
Published: December 24, 2024

CVE-2024-12034

5.3
    Advanced Google reCAPTCHA plugin for WordPress
  • Version(s): up to 1.25
Published: December 24, 2024

CVE-2024-12103

5.3
    WordPress plugin: Content No Cache
  • Version(s): up to 0.1.2
Published: December 24, 2024

CVE-2024-12850

4.9
    WordPress Database Backup and check Tables Automated With Scheduler plugin
  • Version(s): up to 2.32
Published: December 24, 2024

CVE-2024-53149

4.6
    Linux
  • Linux Kernel
Published: December 24, 2024

CVE-2024-12210

4.3
    Print Invoice & Delivery Notes for WooCommerce plugin
  • Version(s): up to 5.4.0
Published: December 24, 2024

CVE-2024-41882

None
    NVR
Published: December 24, 2024

CVE-2024-41883

None
    NVR
Published: December 24, 2024

CVE-2024-41884

None
    NVR
Published: December 24, 2024

CVE-2024-41885

None
    NVR
Published: December 24, 2024

CVE-2024-41886

None
    NVR
Published: December 24, 2024

CVE-2024-41887

None
    NVR
Published: December 24, 2024

CVE-2024-53240

None
    Linux kernel
Published: December 24, 2024

CVE-2024-53241

None
    Linux kernel
Published: December 24, 2024

CVE-2024-53147

None
    Linux kernel
Published: December 24, 2024

CVE-2024-53148

None
    Linux kernel
Published: December 24, 2024

CVE-2024-53152

None
    Linux kernel
Published: December 24, 2024

CVE-2024-53153

None
    Linux kernel
Published: December 24, 2024

CVE-2024-53158

None
    Linux kernel
Published: December 24, 2024

CVE-2024-53159

None
    Linux Kernel
Published: December 24, 2024

CVE-2024-53160

None
    Linux kernel
Published: December 24, 2024

CVE-2024-53161

None
    Linux kernel
Published: December 24, 2024

CVE-2024-53162

None
    Linux Kernel
Published: December 24, 2024

CVE-2024-53163

None
    Linux kernel
Published: December 24, 2024
Click here to see more Vulnerabilities