CVE-2024-8932, -8929, -11233, -11236, -11234: Multiple vulnerabilities in PHP, 4.8 - 9.8 rating π₯
Five vulnerabilities in some PHP versions, which allowing attackers to leak sensitive information, execute arbitrary code, or launch DoS attacks.
More then 700k instances at Netlas.io:
π Link 1 (tag, more precisely): https://nt.ls/yIHH8
π Dork: tag.php.version:(>=8.1.0 AND <8.1.31) OR tag.php.version:(>=8.2.0 AND <8.2.26) OR tag.php.version:(>=8.3.0 AND <8.3.14)
π Link 2 (not tag, all PHP instances): https://nt.ls/9GJlg
π Dork: http.headers.x_powered_by:"php" OR http.headers.set_cookie:"PHPSESSID" OR http.headers.server:"PHP"
Vendor's advisories: https://github.com/php/php-src/security
Five vulnerabilities in some PHP versions, which allowing attackers to leak sensitive information, execute arbitrary code, or launch DoS attacks.
More then 700k instances at Netlas.io:
π Link 1 (tag, more precisely): https://nt.ls/yIHH8
π Dork: tag.php.version:(>=8.1.0 AND <8.1.31) OR tag.php.version:(>=8.2.0 AND <8.2.26) OR tag.php.version:(>=8.3.0 AND <8.3.14)
π Link 2 (not tag, all PHP instances): https://nt.ls/9GJlg
π Dork: http.headers.x_powered_by:"php" OR http.headers.set_cookie:"PHPSESSID" OR http.headers.server:"PHP"
Vendor's advisories: https://github.com/php/php-src/security
1π₯4πΎ4
Black Friday & Cyber Monday Discount at Netlas π
Take advantage of our exclusive Black Friday & Cyber Monday deal: 20% off Freelancer and Business subscriptions for both monthly and annual billing cycles!
The best part? This isnβt just a one-time discount β itβs your forever price as long as your subscription remains active or until base prices are reconsidered π₯
All you need to claim your forever discount is the code: BFCM2024.
π Learn more here: https://nt.ls/2WiQ0
Take advantage of our exclusive Black Friday & Cyber Monday deal: 20% off Freelancer and Business subscriptions for both monthly and annual billing cycles!
The best part? This isnβt just a one-time discount β itβs your forever price as long as your subscription remains active or until base prices are reconsidered π₯
All you need to claim your forever discount is the code: BFCM2024.
π Learn more here: https://nt.ls/2WiQ0
1π₯4πΎ3π2
CVE-2024-8114, -8177, -11669, -11668: Multiple vulnerabilities in GitLab, 4.2 - 8.2 ratingβοΈ
GitLab has posted an advisory about several vulnerabilities. These include Privilege Escalation, DoS, Authentication Bypass, and others.
Search at Netlas.io:
π Link: https://nt.ls/xgD6x
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/11/26/patch-release-gitlab-17-6-1-released/
GitLab has posted an advisory about several vulnerabilities. These include Privilege Escalation, DoS, Authentication Bypass, and others.
Search at Netlas.io:
π Link: https://nt.ls/xgD6x
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/11/26/patch-release-gitlab-17-6-1-released/
π4πΎ3
CVE-2024-42327: SQL Injection in Zabbix, 9.9 rating π₯
The discovered vulnerability allows any Zabbix user to perform Privilege Escalation via SQL injection.
Search at Netlas.io:
π Link: https://nt.ls/qH7Ao
π Dork: http.favicon.hash_sha256:22b06a141c425c92951056805f46691c4cd8e7547ed90b8836a282950d4b4be2
Vendor's advisory: https://support.zabbix.com/browse/ZBX-25623
The discovered vulnerability allows any Zabbix user to perform Privilege Escalation via SQL injection.
Search at Netlas.io:
π Link: https://nt.ls/qH7Ao
π Dork: http.favicon.hash_sha256:22b06a141c425c92951056805f46691c4cd8e7547ed90b8836a282950d4b4be2
Vendor's advisory: https://support.zabbix.com/browse/ZBX-25623
1π₯4πΎ4π1
CVE-2024-11667: Directory Traversal in Zyxel Firewalls, 7.3 ratingβοΈ
A vulnerability in the web interface of some firewalls allows an attacker to download or upload files using a special URL.
Search at Netlas.io:
π Link: https://nt.ls/agozE
π Dork: http.favicon.hash_sha256:9a02f3cf948f9409c25070f2f057b69dda5d0aaf7fa8d056552e8bda8295ca1f
Vendor's advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024
A vulnerability in the web interface of some firewalls allows an attacker to download or upload files using a special URL.
Search at Netlas.io:
π Link: https://nt.ls/agozE
π Dork: http.favicon.hash_sha256:9a02f3cf948f9409c25070f2f057b69dda5d0aaf7fa8d056552e8bda8295ca1f
Vendor's advisory: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-protecting-against-recent-firewall-threats-11-27-2024
πΎ4π3π₯2
CVE-2024-8672: Code Injection in Widget Options WordPress Plugin, 9.9 rating π₯
The vulnerability allows an attacker to enter data that is transmitted without proper filtering. This could potentially lead to remote code execution.
Search at Netlas.io:
π Link: https://nt.ls/xOEZp
π Dork: http.body:"plugins/widget-options"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/widget-options/widget-options-the-1-wordpress-widget-block-control-plugin-407-authenticated-contributor-remote-code-execution
The vulnerability allows an attacker to enter data that is transmitted without proper filtering. This could potentially lead to remote code execution.
Search at Netlas.io:
π Link: https://nt.ls/xOEZp
π Dork: http.body:"plugins/widget-options"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/widget-options/widget-options-the-1-wordpress-widget-block-control-plugin-407-authenticated-contributor-remote-code-execution
π₯5πΎ4
π¨ Netlas is down due to issues with a planned update. Weβre rolling back and working to restore service ASAP. Apologies for the inconvenienceβupdates to follow.
π2
β
Netlas is back online, and all services are operational.
However, our team is continuing to monitor the system and address any lingering issues to ensure full stability. We apologize for the disruption and thank you for your patience and understanding.
However, our team is continuing to monitor the system and address any lingering issues to ensure full stability. We apologize for the disruption and thank you for your patience and understanding.
β€2π2
β οΈ Private Scanner Temporarily Unavailable
Since yesterday, weβve been addressing technical issues affecting parts of our infrastructure. Most Netlas App features were fully restored within an hour after an incident and are now working smoothly. However, the Private Scanner feature remains temporarily disabled.
Our team is working diligently to fully restore our scanning infrastructure and will update you as soon as the feature is back online. We sincerely apologize for the inconvenience this has caused and deeply appreciate your patience and understanding.
Since yesterday, weβve been addressing technical issues affecting parts of our infrastructure. Most Netlas App features were fully restored within an hour after an incident and are now working smoothly. However, the Private Scanner feature remains temporarily disabled.
Our team is working diligently to fully restore our scanning infrastructure and will update you as soon as the feature is back online. We sincerely apologize for the inconvenience this has caused and deeply appreciate your patience and understanding.
π5π2π1
CVE-2024-48651: Vulnerability in ProFTPD Server, 7.5 ratingβοΈ
A bug discovered a few days ago allows attackers to gain root level access on vulnerable systems.
Search at Netlas.io:
π Link: https://nt.ls/eKpeY
π Dork: ftp.banner:"ProFTPD"
Read more: https://github.com/proftpd/proftpd/issues/1830
A bug discovered a few days ago allows attackers to gain root level access on vulnerable systems.
Search at Netlas.io:
π Link: https://nt.ls/eKpeY
π Dork: ftp.banner:"ProFTPD"
Read more: https://github.com/proftpd/proftpd/issues/1830
π3π₯3πΎ2β€1
CVE-2024-53907, -53908: DoS and SCLi in Django, high ratingβοΈ
Some versions of Django are susceptible to vulnerabilities in the django.utils.html.strip_tags() and in the lookup django.db.models.fields.json.HasKey method, which allow DoS or SQL injection.
Search at Netlas.io:
π Link: https://nt.ls/VbueR
π Dork: tag.name:"django"
Vendor's advisory: https://www.djangoproject.com/weblog/2024/dec/04/security-releases/
Some versions of Django are susceptible to vulnerabilities in the django.utils.html.strip_tags() and in the lookup django.db.models.fields.json.HasKey method, which allow DoS or SQL injection.
Search at Netlas.io:
π Link: https://nt.ls/VbueR
π Dork: tag.name:"django"
Vendor's advisory: https://www.djangoproject.com/weblog/2024/dec/04/security-releases/
π₯4πΎ4π±1
CVE-2024-55579, -55580: RCE and Broken Access Control in Qlik Sense, 7.5 - 8.8 ratingβοΈ
Vulnerabilities discovered in Qlik Sense allow attackers to run EXE files on the server, as well as remotely execute commands, potentially affecting confidentiality and integrity.
Search at Netlas.io:
π Link: https://nt.ls/9ok2E
π Dork: http.title:"Qlik Sense"
Vendor's advisory: https://community.qlik.com/t5/Official-Support-Articles/High-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows-CVEs/tac-p/2496004
Vulnerabilities discovered in Qlik Sense allow attackers to run EXE files on the server, as well as remotely execute commands, potentially affecting confidentiality and integrity.
Search at Netlas.io:
π Link: https://nt.ls/9ok2E
π Dork: http.title:"Qlik Sense"
Vendor's advisory: https://community.qlik.com/t5/Official-Support-Articles/High-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows-CVEs/tac-p/2496004
π₯3πΎ3
β
Private Scanner Restored
Weβre happy to share that the Private Scanner feature is now fully restored and operational.
Thank you for your patience and understanding. All systems are working fineβhappy scanning!
Weβre happy to share that the Private Scanner feature is now fully restored and operational.
Thank you for your patience and understanding. All systems are working fineβhappy scanning!
π₯3π2
CVE-2024-11205: Missing Authorization in WPForms WordPress Plugin, 8.5 ratingβοΈ
A vulnerability affecting several functions allows attackers to return payments made through the Stripe system.
Search at Netlas.io:
π Link: https://nt.ls/tFWxo
π Dork: http.body:"plugins/wpforms-lite"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpforms-lite/wpforms-184-1921-missing-authorization-to-authenticated-subscriber-payment-refund-and-subscription-cancellation
A vulnerability affecting several functions allows attackers to return payments made through the Stripe system.
Search at Netlas.io:
π Link: https://nt.ls/tFWxo
π Dork: http.body:"plugins/wpforms-lite"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpforms-lite/wpforms-184-1921-missing-authorization-to-authenticated-subscriber-payment-refund-and-subscription-cancellation
π3πΎ3π₯2
CVE-2024-49106 and other: Multiple vulnerabilities in Microsoft RDP Services, 8.1 ratingβοΈ
In the latest advisories, Microsoft notifies about nine vulnerabilities in RDP protocol services. These include many RCEs as well as DoS.
Search at Netlas.io:
π Link: https://nt.ls/cfRLq
π Dork: rdp:*
Vendor's advisory: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-49106
In the latest advisories, Microsoft notifies about nine vulnerabilities in RDP protocol services. These include many RCEs as well as DoS.
Search at Netlas.io:
π Link: https://nt.ls/cfRLq
π Dork: rdp:*
Vendor's advisory: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-49106
π₯3πΎ3π1
CVE-2024-11274, -8233, other: Multiple vulnerabilities in GitLab, 7.5 - 8.7 ratingβ
In a new release, GitLab talked about two important vulnerabilities. One of them allows attacker to carry out DoS, the second allows to steal session data and potentially gain unauthorized access to accounts. Several smaller vulnerabilities are also mentioned.
Search at Netlas.io:
π Link: https://nt.ls/xM1vs
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/12/11/patch-release-gitlab-17-6-2-released/
In a new release, GitLab talked about two important vulnerabilities. One of them allows attacker to carry out DoS, the second allows to steal session data and potentially gain unauthorized access to accounts. Several smaller vulnerabilities are also mentioned.
Search at Netlas.io:
π Link: https://nt.ls/xM1vs
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/12/11/patch-release-gitlab-17-6-2-released/
π3π₯3πΎ3
CVE-2024-38819: Path Traversal in Spring Framework, 7.5 ratingβοΈ
Another Path Traversal vulnerability in the Spring framework. This time there is even a PoC!
Search at Netlas.io:
π Link: https://nt.ls/AzCtg
π Dork: tag.name:"spring"
Vendor's advisory: https://spring.io/security/cve-2024-38819
Another Path Traversal vulnerability in the Spring framework. This time there is even a PoC!
Search at Netlas.io:
π Link: https://nt.ls/AzCtg
π Dork: tag.name:"spring"
Vendor's advisory: https://spring.io/security/cve-2024-38819
π4π₯2πΎ1
Private Scanner API Documentation π
Weβve updated the Netlas documentation with a significant addition: a detailed guide on using the Private Scanner API.
π Read the docs: https://docs.netlas.io/automation/scanner_api/
Weβve updated the Netlas documentation with a significant addition: a detailed guide on using the Private Scanner API.
π Read the docs: https://docs.netlas.io/automation/scanner_api/
π4πΎ3
CVE-2024-50379, -54677: RCE and DoS in Apache Tomcat, 5.3 - 9.8 rating π₯
New vulnerabilities allow attackers to upload and execute malicious files disguised as legitimate ones, as well as cause OutOfMemoryError to shut down the server.
Search at Netlas.io:
π Link: https://nt.ls/WHRGO
π Dork: http.favicon.hash_sha256:64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08 OR http.headers.server:"Apache-Coyote"
Read more: https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r
New vulnerabilities allow attackers to upload and execute malicious files disguised as legitimate ones, as well as cause OutOfMemoryError to shut down the server.
Search at Netlas.io:
π Link: https://nt.ls/WHRGO
π Dork: http.favicon.hash_sha256:64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08 OR http.headers.server:"Apache-Coyote"
Read more: https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r
π₯5πΎ3
π§ Cryptopayments Temporarily Unavailable
Due to a system failure, weβre resynchronizing our nodes. Bitcoin payments are expected to restore in 12 hours, while Litecoin payments may take up to 48 hours.
Sorry for any inconvenience.
Due to a system failure, weβre resynchronizing our nodes. Bitcoin payments are expected to restore in 12 hours, while Litecoin payments may take up to 48 hours.
Sorry for any inconvenience.
π5