SecPod Community Forums Topics

Viewing 15 topics - 1 through 15 (of 100 total)
    • Topic
    • Voices
    • Posts
    • Last Post
    • Patch repository creation for ubuntu 18,20,22 LTS Ubuntu ClientSide #!/bin/sh log_file="/var/log/create_sources_list.log" ip_address="192.168.2.50" # Replace with your desired IP address protocol="https" # Replace with your desired protocol (http/https) # Create a backup of the existing sources.list mv /etc/apt/sources.list /etc/apt/sources.list...Ubuntu ClientSide #!/bin/sh log_file="/var/log/create_sources_list.log" ip_address="192.168.2.50" # Replace with your desired IP address protocol="https" # Replace with your desired protocol (http/https) # Create a backup of the existing sources.list mv /etc/apt/sources.list /etc/apt/sources.list...

      Started by: Shreya in: SanerScript

    • 1
    • 2
    • Shreya

    • Patch repository creation for RHEL 8 and 9 RHEL 8 and 9 ClientSide #!/bin/bash # Specify the values ip_address="192.168.2.50" protocol="https" rhel_version="8" # Generate the repository configuration dynamically repo_filename="/etc/yum.repos.d/rhel${rhel_version}.repo" cat <<EOL > "$repo_filename" [RepoBaseOS] name = rhel-${rhel_...RHEL 8 and 9 ClientSide #!/bin/bash # Specify the values ip_address="192.168.2.50" protocol="https" rhel_version="8" # Generate the repository configuration dynamically repo_filename="/etc/yum.repos.d/rhel${rhel_version}.repo" cat <<EOL > "$repo_filename" [RepoBaseOS] name = rhel-${rhel_...

      Started by: Shreya in: SanerScript

    • 1
    • 3
    • Shreya

    • SecPod Cyber Bulletin 32nd Issue 1. Windows Zero-Days and Firefox Issues The RomCom group has been exploiting zero-day vulnerabilities (CVE-2024-9680 and CVE-2024-49039) in Windows and Firefox, emphasizing the need for continuous monitoring and timely updates. CVSS Score: 9.8,8.8 2. Critical Flaw Detected in ProjectSend A criti...1. Windows Zero-Days and Firefox Issues The RomCom group has been exploiting zero-day vulnerabilities (CVE-2024-9680 and CVE-2024-49039) in Windows and Firefox, emphasizing the need for continuous monitoring and timely updates. CVSS Score: 9.8,8.8 2. Critical Flaw Detected in ProjectSend A criti...

      Started by: saanidhyadwivedi in: Cyber Bulletin

    • 1
    • 1
    • saanidhyadwivedi

    • CVE-2024-45710 SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low-privilege account and local access to the affected node machine. CVSS SCORE: 7.8 (HIGH)SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low-privilege account and local access to the affected node machine. CVSS SCORE: 7.8 (HIGH)

      Started by: saanidhyadwivedi in: Critical Vulnerability and Exploit Exchange

    • 1
    • 1
    • saanidhyadwivedi

    • CVE-2024-9486 Some Kubernetes Image Builder versions have a security vulnerability where default credentials remain active, potentially allowing root access in clusters using VM images from the Proxmox provider. CVSS SCORE : 9.8 (Critical)Some Kubernetes Image Builder versions have a security vulnerability where default credentials remain active, potentially allowing root access in clusters using VM images from the Proxmox provider. CVSS SCORE : 9.8 (Critical)

      Started by: saanidhyadwivedi in: Critical Vulnerability and Exploit Exchange

    • 1
    • 1
    • saanidhyadwivedi

    • Patch repository creation for RHEL 7 RHEL_7 ClientSide #!/bin/bash # Specify the values ip_address="192.168.2.60" protocol="https" rhel_version="7" # Generate the repository configuration dynamically repo_filename="/etc/yum.repos.d/rhel${rhel_version}_custom.repo" cat <<EOL > "$repo_filename" [RepoMainrepo] name = rhel-${rh...RHEL_7 ClientSide #!/bin/bash # Specify the values ip_address="192.168.2.60" protocol="https" rhel_version="7" # Generate the repository configuration dynamically repo_filename="/etc/yum.repos.d/rhel${rhel_version}_custom.repo" cat <<EOL > "$repo_filename" [RepoMainrepo] name = rhel-${rh...

      Started by: Shreya in: SanerScript

    • 1
    • 2
    • Shreya

    • CVE-2024-52799 Prior to Argo Workflows 0.44.0, the workflow-role granted excessive privileges, including pod/exec creation, enabling arbitrary code execution. This vulnerability was fixed in version 0.44.0, affecting Helm Chart users. CVSS SCORE: 8.3Prior to Argo Workflows 0.44.0, the workflow-role granted excessive privileges, including pod/exec creation, enabling arbitrary code execution. This vulnerability was fixed in version 0.44.0, affecting Helm Chart users. CVSS SCORE: 8.3

      Started by: saanidhyadwivedi in: Critical Vulnerability and Exploit Exchange

    • 1
    • 1
    • saanidhyadwivedi

    • CVE-2024-53912 A #vulnerability in Veritas Enterprise Vault (before 15.2), ZDI-CAN-24341, allows remote attackers to execute arbitrary code via deserialization of untrusted data on a .NET Remoting TCP port. CVSS SCORE: 9.8(CRITICAL)A #vulnerability in Veritas Enterprise Vault (before 15.2), ZDI-CAN-24341, allows remote attackers to execute arbitrary code via deserialization of untrusted data on a .NET Remoting TCP port. CVSS SCORE: 9.8(CRITICAL)

      Started by: saanidhyadwivedi in: Critical Vulnerability and Exploit Exchange

    • 1
    • 1
    • saanidhyadwivedi

    • CVE-2024-53674 An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases. CVSS SCORE: 7.3 (HIGH)An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases. CVSS SCORE: 7.3 (HIGH)

      Started by: saanidhyadwivedi in: Critical Vulnerability and Exploit Exchange

    • 1
    • 1
    • saanidhyadwivedi

    • CVE-2024-11789 The Fuji Electric Monitouch V-SFT V10 contains a stack-based buffer overflow #vulnerability (ZDI-CAN-24448) in the parsing of V10 files, allowing remote code execution. CVSS SCORE: 7.8 (HIGH)The Fuji Electric Monitouch V-SFT V10 contains a stack-based buffer overflow #vulnerability (ZDI-CAN-24448) in the parsing of V10 files, allowing remote code execution. CVSS SCORE: 7.8 (HIGH)

      Started by: saanidhyadwivedi in: Critical Vulnerability and Exploit Exchange

    • 1
    • 1
    • saanidhyadwivedi

    • CVE-2024-9852 The Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64, Mitsubishi Electric GENESIS64, and MC Works64 allows local authenticated attackers to execute malicious code, potentially leading to data loss or DoS. CVSS SCORE: 7.8 (HIGH)The Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64, Mitsubishi Electric GENESIS64, and MC Works64 allows local authenticated attackers to execute malicious code, potentially leading to data loss or DoS. CVSS SCORE: 7.8 (HIGH)

      Started by: saanidhyadwivedi in: Critical Vulnerability and Exploit Exchange

    • 1
    • 1
    • saanidhyadwivedi

    • SecPod Cyber Bulletin 31st Issue SecPod Cyber Bulletin 31st Issue Dell Enterprise SONiC Vulnerabilities Dell Technologies has disclosed three critical security vulnerabilities (CVE-2024-45763, CVE-2024-45764, and CVE-2024-45765) affecting its Enterprise SONiC (Software for Open Networking in the Cloud) operating system. CVSS Scor...SecPod Cyber Bulletin 31st Issue Dell Enterprise SONiC Vulnerabilities Dell Technologies has disclosed three critical security vulnerabilities (CVE-2024-45763, CVE-2024-45764, and CVE-2024-45765) affecting its Enterprise SONiC (Software for Open Networking in the Cloud) operating system. CVSS Scor...

      Started by: saanidhyadwivedi in: Cyber Bulletin

    • 1
    • 1
    • saanidhyadwivedi

    • SecPod Cyber Bulletin 29th Issue Apple VisionOS 2.1 Security Vulnerabilities Apple’s VisionOS 2.1 has been found to contain several critical vulnerabilities (CVE-2024-44255 and CVE-2024-44273) that could allow attackers to exploit the system. CVSS Score: 7.8, 8.4 Chrome Security: Out-of-Bounds WebRTC Vulnerability Google Chrome’...Apple VisionOS 2.1 Security Vulnerabilities Apple’s VisionOS 2.1 has been found to contain several critical vulnerabilities (CVE-2024-44255 and CVE-2024-44273) that could allow attackers to exploit the system. CVSS Score: 7.8, 8.4 Chrome Security: Out-of-Bounds WebRTC Vulnerability Google Chrome’...

      Started by: saanidhyadwivedi in: Cyber Bulletin

    • 1
    • 1
    • saanidhyadwivedi

    • SecPod CyberBulletin 29th Issue Apple VisionOS 2.1 Security Vulnerabilities Apple’s VisionOS 2.1 has been found to contain several critical vulnerabilities (CVE-2024-44255 and CVE-2024-44273) that could allow attackers to exploit the system. CVSS Score: 7.8, 8.4 Chrome Security: Out-of-Bounds WebRTC Vulnerability Google Chrome’...Apple VisionOS 2.1 Security Vulnerabilities Apple’s VisionOS 2.1 has been found to contain several critical vulnerabilities (CVE-2024-44255 and CVE-2024-44273) that could allow attackers to exploit the system. CVSS Score: 7.8, 8.4 Chrome Security: Out-of-Bounds WebRTC Vulnerability Google Chrome’...

      Started by: saanidhyadwivedi in: Security Intelligence

    • 1
    • 1
    • saanidhyadwivedi

Viewing 15 topics - 1 through 15 (of 100 total)