Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

Information: NVIDIA is an American multinational technology company. It is a fabless semiconductor and software company that designs and supplies graphics processing units (GPUs) and application programming interfaces (APIs).

Incident: The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0 out of a maximum of 10.0. It has been addressed in NVIDIA Container Toolkit version 1.16.2 and NVIDIA GPU Operator version 24.6.2.

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with the default configuration, where a specifically crafted container image may gain access to the host file system. The issue impacts all versions of NVIDIA Container Toolkit up to and including v1.16.1, and NVIDIA GPU Operator up to and including 24.6.1. However, it does not affect use cases where the Container Device Interface (CDI) is used.

In a hypothetical attack scenario, a threat actor could weaponize the shortcoming by creating a rogue container image that, when run on the target platform either directly or indirectly, grants them full access to the file system.

With this access, the attacker can reach the container runtime Unix sockets (docker.sock/containerd.sock). These sockets can be used to execute arbitrary commands on the host system with root privileges, effectively taking control of the machine. The problem poses a severe risk to orchestrated, multi-tenant environments, as it could permit an attacker to escape the container and obtain access to data and secrets of other applications running on the same node, and even the same cluster.

Recommendation:

To protect against potential threats, users should update NVIDIA Container Toolkit to version 1.16.2 and NVIDIA GPU Operator to version 24.6.2.
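As an added example that is not part of the original bulletin or of NVIDIA's tooling, the following Python script applies the affected ranges stated above to a constructed host inventory. It assumes each record carries the text of the installed toolkit version (for instance the output of the version command), optionally the GPU Operator version, and the `mode` value from the nvidia-container-runtime configuration; per the advisory, hosts running in CDI mode are treated as not affected.

```python
"""Flag hosts exposed to CVE-2024-0132 from a constructed inventory (added example).
Affected ranges as stated above: Container Toolkit <= 1.16.1, GPU Operator <= 24.6.1;
deployments using CDI are not affected."""
import re

TOOLKIT_FIXED = (1, 16, 2)   # first fixed NVIDIA Container Toolkit release
OPERATOR_FIXED = (24, 6, 2)  # first fixed NVIDIA GPU Operator release

def parse_version(text):
    """Return (major, minor, patch) from free-form text such as
    'NVIDIA Container Toolkit CLI version 1.16.1' or 'v24.6.1' (constructed formats)."""
    m = re.search(r"v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(x) for x in m.groups())

def toolkit_vulnerable(version_text, runtime_mode="auto"):
    """True when the toolkit is in the affected range and CDI is not in use.
    runtime_mode mirrors the `mode` key of the nvidia-container-runtime config
    section (assumption: a value of 'cdi' means CDI is the active mode)."""
    if runtime_mode.strip().lower() == "cdi":
        return False  # advisory: CDI use cases are not affected
    return parse_version(version_text) < TOOLKIT_FIXED

def operator_vulnerable(version_text):
    """True when the GPU Operator release is in the affected range."""
    return parse_version(version_text) < OPERATOR_FIXED

def assess(hosts):
    """Return (host, component, fixed version) for every exposed component."""
    findings = []
    for h in hosts:
        if toolkit_vulnerable(h["toolkit"], h.get("mode", "auto")):
            findings.append((h["name"], "NVIDIA Container Toolkit", "1.16.2"))
        if "operator" in h and operator_vulnerable(h["operator"]):
            findings.append((h["name"], "NVIDIA GPU Operator", "24.6.2"))
    return findings

# Constructed inventory records for demonstration, not real systems.
SAMPLE_HOSTS = [
    {"name": "gpu-node-1", "toolkit": "NVIDIA Container Toolkit CLI version 1.16.1", "mode": "auto"},
    {"name": "gpu-node-2", "toolkit": "1.16.1", "mode": "cdi"},
    {"name": "gpu-node-3", "toolkit": "v1.16.2", "operator": "v24.6.1"},
]

if __name__ == "__main__":
    for host, component, fixed in assess(SAMPLE_HOSTS):
        print(f"{host}: {component} affected by CVE-2024-0132, upgrade to {fixed}")
```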

Security systems are important; we must stay vigilant and monitor as usual.
For more information please contact:
Email: sales@inetms.co.th
065 149 2822 (Ms. Suphatson)
063 204 4534 (Ms. Atsamaphorn)
065 929 6330 (Ms. Kansinee)
0613879439 (Ms. Sirilak)
0922576902 (Ms. Narusorn)

References:

https://thehackernews.com/2024/09/critical-nvidia-container-toolkit.html

https://app.opencve.io/cve/CVE-2024-0132

Weekly Interesting CVE

Fields: No. | CVE Name | Published Date | Last Update | Device/Application/OS Target | Attack Type | CVSS Severity Rating | Detail | Solution | Reference

1. CVE-2024-22399
Published Date: 10/1/2024
Last Update: 16/9/2024
Device/Application/OS Target: Apache Seata
Attack Type: Remote code execution
CVSS Severity Rating: 9.8
Detail: Deserialization of Untrusted Data vulnerability in Apache Seata. When developers disable authentication on the Seata-Server and do not use the Seata client SDK dependencies, they may construct uncontrolled serialized malicious requests by directly sending bytecode based on the Seata private protocol. This issue affects Apache Seata 2.0.0 and 1.0.0 through 1.8.0. Users are recommended to upgrade to version 2.1.0 or 1.8.1, which fixes the issue.
Solution: Update to version 1.8.1 or version 2.1.0
Reference: https://app.opencve.io/cve/CVE-2024-22399

2. CVE-2024-45593
Published Date: 10/9/2024
Last Update: 20/9/2024
Device/Application/OS Target: Nix
Attack Type: Privilege Escalation
CVSS Severity Rating: 9.1
Detail: Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6 allows a substituter or malicious user to craft a NAR that, when unpacked by Nix, causes Nix to write to arbitrary file system locations to which the Nix process has access. This will be with root permissions when using the Nix daemon. This issue is fixed in Nix 2.24.6.
Solution: Update to version 2.24.6
Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-45593

3. CVE-2023-32154
Published Date: 3/5/2024
Last Update: 21/9/2024
Device/Application/OS Target: Mikrotik RouterOS
Attack Type: Out-Of-Bounds Write Remote Code Execution
CVSS Severity Rating: 7.5
Detail: Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Router Advertisement Daemon. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19797.
Solution: Update RouterOS to a patched version
Reference: https://mikrotik.com/supportsec/cve-2023-32154

4. CVE-2024-8907
Published Date: 16/9/2024
Last Update: 18/9/2024
Device/Application/OS Target: Google Chrome on Android
Attack Type: Cross-Site Scripting
CVSS Severity Rating: 6.1
Detail: A medium-severity vulnerability that allows a remote attacker to inject arbitrary scripts or HTML into the browser. This can occur when a user is tricked into performing specific UI gestures. The lack of proper validation in the Omnibox component enables the attacker to exploit this weakness, potentially leading to unauthorized actions or data exposure. The vulnerability affects multiple versions of Chromium across different Debian ecosystems, including Debian 11, 12, and 13.
Solution: Update the web browser
Reference: https://vulert.com/vuln-db/debian-11-chromium-171225

5. CVE-2024-36148
Published Date: 21/5/2024
Last Update: 23/9/2024
Device/Application/OS Target: Adobe Experience Manager
Attack Type: Stored Cross-Site Scripting (XSS)
CVSS Severity Rating: 5.4
Detail: Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field.
Solution: Update Adobe Experience Manager
Reference: https://app.opencve.io/cve/CVE-2024-36148

Malware News or Campaign IOC/IOA | EN

Fields: No | Campaign Name | Detection Date | Attack Type | Description | Mitigation/Remediation

1. Beware Of Weaponized Excel Document That Delivers Fileless Remcos RAT
Detection Date: 13/09/2024
Attack Type: Phishing, malware
Description: Medusa is a new ransomware group that uses unconventional tactics, with a presence on both the public and dark web. They use a Ransomware-as-a-Service (RaaS) model and attack sectors such as healthcare and education. The group disseminates information via blogs and Telegram to intimidate victims, while also using sophisticated techniques such as SQL injection and PowerShell to carry out their attacks.
Mitigation/Remediation:
1. Regularly update and install security patches
2. Regularly back up and store your data in a location that is isolated from the network to prevent data loss
3. Use multi-factor authentication to reduce the chance of unauthorized access
Ref: https://gbhackers.com/medusa-fortinet-attack/

08 October 2024
