Customer portal
Articles Tagged with

CVE intelligence

"SOS
CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 27 June 2022

 

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

 


 

1.  CVE-2018-17144

Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.

https://nvd.nist.gov/vuln/detail/CVE-2018-17144

 


 

2. CVE-2012-2459

Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.6, 0.5.x before 0.5.5, 0.6.0.x before 0.6.0.7, and 0.6.x before 0.6.2 allows remote attackers to cause a denial of service (block-processing outage and incorrect block count) via unknown behavior on a Bitcoin network.

https://nvd.nist.gov/vuln/detail/CVE-2012-2459

 


 

3. CVE-2022-26134

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

https://nvd.nist.gov/vuln/detail/CVE-2022-26134

 


 

4. CVE-2017-7508

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

https://nvd.nist.gov/vuln/detail/CVE-2017-7508

 


 

5. CVE-2017-7520

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

https://nvd.nist.gov/vuln/detail/CVE-2017-7520

 


 

6. CVE-2017-7521

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

https://nvd.nist.gov/vuln/detail/CVE-2017-7521

 


 

7. CVE-2017-7512

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

https://nvd.nist.gov/vuln/detail/CVE-2017-7512

 


 

8. CVE-2016-6316

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

https://nvd.nist.gov/vuln/detail/CVE-2016-6316

 


 

9. CVE-2017-7522

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

https://nvd.nist.gov/vuln/detail/CVE-2017-7522

 


 

10. CVE-2022-32969

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote code execution. (As of 2020.1.114, a default setting prevents the exploit. In 2019.3.1023, but not earlier versions, a non-default setting can prevent exploitation.)

https://nvd.nist.gov/vuln/detail/CVE-2022-32969

 


"SOS
CVE Top 10

The SOS Intelligence CVE Chatter Weekly Top Ten – 20 June 2022

 

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

 


 

1.  CVE-2018-17144

Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.

https://nvd.nist.gov/vuln/detail/CVE-2018-17144

 


 

2. CVE-2012-2459

Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.6, 0.5.x before 0.5.5, 0.6.0.x before 0.6.0.7, and 0.6.x before 0.6.2 allows remote attackers to cause a denial of service (block-processing outage and incorrect block count) via unknown behavior on a Bitcoin network.

https://nvd.nist.gov/vuln/detail/CVE-2012-2459

 


 

3. CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

https://nvd.nist.gov/vuln/detail/CVE-2021-44228

 


 

4. CVE-2017-7521

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

https://nvd.nist.gov/vuln/detail/CVE-2017-7521

 


 

5. CVE-2017-7508

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

https://nvd.nist.gov/vuln/detail/CVE-2017-7508

 


 

6. CVE-2017-7520

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

https://nvd.nist.gov/vuln/detail/CVE-2017-7520

 


 

7. CVE-2022-26134

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

https://nvd.nist.gov/vuln/detail/CVE-2022-26134

 


 

8. CVE-2021-4034

A local privilege escalation vulnerability was found on polkit’s pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn’t handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it’ll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

https://nvd.nist.gov/vuln/detail/CVE-2021-4034

 


 

9. CVE-2017-7479

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.

https://nvd.nist.gov/vuln/detail/CVE-2017-7479

 


 

10. CVE-2017-8109

The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.

https://nvd.nist.gov/vuln/detail/CVE-2017-8109

 


"SOS
CVE Top 10, Product news

Announcing The SOS Intelligence CVE Chatter Weekly Top Ten

Keeping track of the number of CVEs can be a daunting task. We’ve got something that is going to help…

We’ve developed a process which gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

Firstly, what is a CVE?

The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The system was launched for the public in September 1999.

The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system. They do this with funding from the US National Cyber Security Division of the US Department of Homeland Security.

What is a vulnerability?

A vulnerability is a weakness which can be used to access things one should not be able to gain access to. Obviously this is less than ideal! What would an attacker do? Well, they could run some malicious code or install malware. There could even be the option to copy useful data, or delete it.

What is an exposure?

An exposure is different. It’s a mistake made within the network or system, or code, that gives an intruder access to where they shouldn’t be.

Exposures are often mistakes. For example a GitHub repository which is open or an accessible Amazon S3 folder. These can be found accidentally and never become disclosed. What can happen is that they are found by the kind of people who you really don’t want snooping around.

CVE Identifiers give each one a different name, so people can talk about a specific vulnerability by using their name. At the time of writing, there are over 18800 CVEs listed!

So how are we going to help you keep track of CVEs?

We’ve developed a process which gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.  

This is via our unique intelligence collection pipelines, which include the Dark Web.

Every Monday, you’ll see a blog post appear with the latest CVEs which have been discussed the most over the previous 7 days. This is the first one from the 14th June.

If you use RSS (https://en.wikipedia.org/wiki/RSS), then add http://sosintel.co.uk/feed to your reader and you’ll see these automatically.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

We are your eyes and ears online, even in the darkest places.

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from Youtube
Vimeo
Consent to display content from Vimeo
Google Maps
Consent to display content from Google
Spotify
Consent to display content from Spotify
Sound Cloud
Consent to display content from Sound