A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be...
7.4AI Score
0.0004EPSS
Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the...
6.4AI Score
0.0004EPSS
A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be...
7.2AI Score
0.0004EPSS
Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the...
6.2AI Score
0.0004EPSS
Certain HP LaserJet Pro Printers – Potential Information Disclosure
A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be exposed. Update your printer...
7.1AI Score
0.0004EPSS
Certain HP LaserJet Pro – Potential Cross-Site Scripting (XSS)
Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the device. Update your printer...
5.9AI Score
0.0004EPSS
kernel security, bug fix, and enhancement update
[4.18.0-553.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...
8AI Score
0.007EPSS
Fuji Xerox / Fujifilm Printers CSRF Vulnerability (CVE-2024-22475)
Multiple Fuji Xerox / Fujifilm printers are prone to a cross-site request forgery (CSRF) vulnerability in the Web Based...
6.8AI Score
0.0004EPSS
Fuji Xerox / Fujifilm Printers Multiple Vulnerabilities (Mar 2024)
Multiple Fuji Xerox / Fujifilm printers are prone to multiple vulnerabilities in the Web Based...
6.8AI Score
0.0004EPSS
HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users
By Waqas. New HP report reveals cybercriminals are increasingly leveraging "cat-phishing" techniques, exploiting open redirects in legitimate websites to deceive users and deliver malware. This is a post from HackRead.com. Read the original post: HP Exposes Low-Effort, High-Impact Cat-Phishing...
7.2AI Score
A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web...
7.5CVSS
7.3AI Score
0.0005EPSS
A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web...
7.8AI Score
0.0005EPSS
Impact of TunnelVision Vulnerability
The Palo Alto Networks Product Security Assurance team has evaluated the TunnelVision vulnerability as it relates to our products. This issue allows an attacker with the ability to send DHCP messages on the same local area network, such as a rogue Wi-Fi network, to leak traffic outside of the...
6.3AI Score
0.0005EPSS
Unbreakable Enterprise kernel security update
[5.15.0-206.153.7] - mmc: core: Initialize mmc_blk_ioc_data (Mikko Rapeli) - ahci: asm1064: asm1166: don't limit reported ports (Conrad Kostecki) - mmc: core: Fix switch on gp3 partition (Dominique Martinet) - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (Michael....
8.3AI Score
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.0 contain a vulnerability that allows an unauthenticated attacker to completely bypass the authentication if the autologinLocal option is enabled within config.yaml, even if they....
7.1CVSS
7.1AI Score
0.0004EPSS
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.0 contain a vulnerability that allows an unauthenticated attacker to completely bypass the authentication if the autologinLocal option is enabled within config.yaml, even if they....
6.8AI Score
0.0004EPSS
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.0 contain a vulnerability that allows an unauthenticated attacker to completely bypass the authentication if the autologinLocal option is enabled within config.yaml, even if they....
7.1AI Score
0.0004EPSS
A flaw was found in Emacs. When Emacs is used as an email client, a preview of a crafted LaTeX document attached to an email can exhaust the disk space or the inodes allocated for the partition where the /tmp directory is located. This issue possibly results in a denial of service. Mitigation Do...
7AI Score
0.0005EPSS
A flaw was found in Emacs. When Emacs is used as an email client, inline MIME attachments are considered to be trusted by default, allowing a crafted LaTeX document to exhaust the disk space or the inodes allocated for the partition where the /tmp directory is located. This issue possibly results.....
6.1AI Score
0.0005EPSS
Intel BIOS Guard and PPAM Firmware May 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® BIOS Guard and Platform Properties Assessment Module (PPAM) firmware, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates...
7.6AI Score
0.0004EPSS
Intel Graphics Command Center Service Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Graphics Command Center Service software (bundled in some Intel® Graphics Windows DCH driver software), which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential...
7.5AI Score
0.0004EPSS
A potential security vulnerability has been identified in certain HP PC products using HP Sure Admin, which might allow escalation of privilege. HP is releasing mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that...
7.5AI Score
Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
7.4AI Score
0.0004EPSS
Intel PROSet/Wireless WiFi and Bluetooth May 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® PROSet/Wireless WiFi and Bluetooth® products, which might allow denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the...
7.2AI Score
0.0004EPSS
Intel Ethernet Controller I225 May 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Ethernet Controller I225 Manageability firmware, which might allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates...
7.5AI Score
0.0004EPSS
Intel Extreme Tuning Utility (XTU) May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Extreme Tuning Utility (XTU) software, which might allow escalation of privilege. Intel is releasing updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP...
7.4AI Score
0.0004EPSS
Brother Printers Multiple Vulnerabilities (Mar 2024)
Multiple Brother printers are prone to multiple...
6.7AI Score
0.0004EPSS
Intel Thunderbolt Driver May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Thunderbolt driver software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP...
7.4AI Score
0.0004EPSS
Brother Printers Improper Authentication Vulnerability (Mar 2024)
Multiple Brother printers are prone to an improper authentication ...
6.7AI Score
0.0004EPSS
Fuji Xerox / Fujifilm Printers CSRF Vulnerability (Mar 2024)
Multiple Fuji Xerox / Fujifilm printers are prone to cross-site request forgery (CSRF)...
7.4AI Score
0.0004EPSS
Summary: There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...
7.4AI Score
0.001EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2136.331.7] - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant) - Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568] - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port'...
8.3AI Score
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.331.7.el7] - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant) - Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568] - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port'...
8.3AI Score
Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition
Summary: This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2024 Critical Patch Update, plus CVE-2023-38264. For more information please refer to Oracle's April 2024 CPU Advisory and the X-Force database entries...
6.4AI Score
0.001EPSS
Summary: There are vulnerabilities in IBM WebSphere Application Server Liberty related packages that are shipped with IBM TXSeries for Multiplatforms. The version of IBM WebSphere Application Server Liberty shipped with IBM TXSeries for Multiplatforms has been updated to address the applicable...
7.1AI Score
0.0004EPSS
Summary: There are vulnerabilities in the Administration console shipped with IBM TXSeries for Multiplatforms. IBM TXSeries for Multiplatforms has been updated to address the applicable issues. Vulnerability Details: CVEID: CVE-2024-22343. DESCRIPTION: IBM TXSeries for Multiplatforms allows...
7.2AI Score
0.0004EPSS
A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential...
7.8AI Score
0.0004EPSS
A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential...
7.1AI Score
0.0004EPSS
Zebra Industrial Printers Insufficiently Protected Credentials (CVE-2019-10960)
Zebra Industrial Printers, all versions: Zebra printers are shipped with unrestricted end-user access to front panel options. If the option to use a passcode to limit the functionality of the front panel is applied, specially crafted packets could be sent over the same network to a port on the...
6.5AI Score
Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d Authentication Bypass (CVE-2023-4957)
An authentication bypass vulnerability has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker on the same network as the printer to change the username and password for the Web Page by sending a specially crafted POST request to the...
7.3AI Score
HP Application Enabling Software Driver - Privileged File Overwrite
A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. Mitigation is available in HP Application...
7.5AI Score
0.0004EPSS
Security Bulletin: IBM MQ is vulnerable to a buffer overflow issue (CVE-2024-25048)
Summary: An issue was identified with IBM MQ when a client sends a malformed xa_recover request. This can result in a memory overwrite or buffer overflow within the queue manager. Vulnerability Details: CVEID: CVE-2024-25048. DESCRIPTION: IBM MQ Appliance 9.3 CD and LTS are vulnerable to a...
8AI Score
0.0004EPSS
Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages...
8.2AI Score
0.0004EPSS
Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages...
7.4AI Score
0.0004EPSS
[SECURITY] [DLA 3802-1] org-mode security update
Debian LTS Advisory DLA-3802-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton April 30, 2024 https://wiki.debian.org/LTS Package : org-mode Version : 9.1.14+dfsg-3+deb10u2 CVE...
7.1AI Score
0.0004EPSS
(RHSA-2024:2433) Moderate: avahi security update
Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other.....
5.5AI Score
0.0004EPSS
Debian dla-3802 : elpa-org - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3802 advisory. In Emacs before 29.3, Gnus treats inline MIME contents as trusted. (CVE-2024-30203) In Emacs before 29.3, LaTeX preview is enabled by default for e-mail...
6.8AI Score