CVE-2024-7102

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ - The recently disclosed vulnerability affecting Barracuda Email Security Gateway appliances has been exploited as a zero-day to target government, high-tech and IT organizations, according to Mandiant. The ESG vulnerability, tracked as CVE-2023-7102, ...
1 year ago Securityweek.com CVE-2023-7102 CVE-2023-2868

AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
5 months ago Feeds.dzone.com

Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
11 months ago Cisa.gov

Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
11 months ago Cisa.gov

CVE-2024-7102 - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances. ...
3 weeks ago Tenable.com

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
8 months ago Tenable.com

CVE-2015-7048 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

CVE-2015-7100 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

CVE-2015-7097 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

CVE-2015-7095 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

CVE-2015-7099 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

CVE-2015-7101 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

CVE-2015-7096 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

CVE-2015-7098 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

CVE-2015-7102 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

CVE-2015-7103 - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than ...
6 years ago

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day - China-linked hackers continue to target Barracuda Email Security Gateway appliances, with recent attacks involving exploitation of a new zero-day vulnerability. It came to light in May 2023 that a Barracuda ESG zero-day tracked as CVE-2023-2868 had ...
1 year ago Securityweek.com CVE-2023-2868 CVE-2023-7102 CVE-2023-7101

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day - China-linked hackers continue to target Barracuda Email Security Gateway appliances, with recent attacks involving exploitation of a new zero-day vulnerability. It came to light in May 2023 that a Barracuda ESG zero-day tracked as CVE-2023-2868 had ...
1 year ago Packetstormsecurity.com CVE-2023-2868 CVE-2023-7102 CVE-2023-7101

Barracuda fixes new ESG zero-day exploited by Chinese hackers - Network and email security firm Barracuda says it remotely patched all active Email Security Gateway appliances on December 21 against a zero-day bug exploited by UNC4841 Chinese hackers. The company deployed a second wave of security updates a day ...
1 year ago Bleepingcomputer.com CVE-2023-7102 CVE-2023-7101

CVE-2013-7102 - Multiple unrestricted file upload vulnerabilities in (1) media-upload.php, (2) media-upload-lncthumb.php, and (3) media-upload-sq_button.php in lib/admin/ in the OptimizePress theme before 1.61 for WordPress allow remote attackers to execute ...
11 years ago

CVE-2014-7102 - The Car Insurance Quote Comparison (aka com.seopa.quotezone) application 2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ...
10 years ago

CVE-2008-7102 - DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation. ...
7 years ago

CVE-2006-7102 - Multiple PHP remote file inclusion vulnerabilities in phpBurningPortal quiz-modul 1.0.1, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter to (1) quest_delete.php, (2) quest_edit.php, or ...
7 years ago

CVE-2018-7102 - A security vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09, createFabricAutoCfgFile could be remotely exploited via directory traversal to allow remote arbitrary file modification. ...
6 years ago

CVE-2017-7102 - An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the ...
6 years ago