Lucene search

K

3com – Asesor De Cookies Para Normativa Española Security Vulnerabilities

oraclelinux
oraclelinux

Unbreakable Enterprise kernel security update

[4.14.35-2047.536.5] - mmc: core: Fix switch on gp3 partition (Dominique Martinet) - Revert 'Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d'' (Song Liu) - mm/memory-failure: fix an incorrect use of tail pages (Liu Shixin) - Revert 'x86/mm/ident_map: Use gbpages only where full GB page...

7.8CVSS

7.6AI Score

0.011EPSS

2024-05-13 12:00 AM
6
oraclelinux
oraclelinux

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.331.7.el7] - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant) - Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568] - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port'...

8.3AI Score

EPSS

2024-05-13 12:00 AM
8
zdi
zdi

Delta Electronics CNCSoft-B DOPSoft Uncontrolled Search Path Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS

7.2AI Score

0.001EPSS

2024-05-13 12:00 AM
2
zdt
zdt

Openmediavault Remote Code Execution / Local Privilege Escalation Exploit

Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive reverse....

7.4AI Score

2024-05-13 12:00 AM
19
nessus
nessus

RHEL 5 : mozilla (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Sandbox escape with improperly separated process types (CVE-2020-12389) Mozilla: Memory safety...

10AI Score

0.924EPSS

2024-05-11 12:00 AM
3
nessus
nessus

RHEL 5 : python (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python: Heap overflow in zipimporter module (CVE-2016-5636) python: Stack-based buffer overflow in...

9.4AI Score

0.038EPSS

2024-05-11 12:00 AM
4
nessus
nessus

RHEL 7 : php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php: Use of...

10AI Score

EPSS

2024-05-11 12:00 AM
3
nessus
nessus

RHEL 6 : python (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python: Heap overflow in zipimporter module (CVE-2016-5636) python: XML External Entity in XML...

9.5AI Score

0.038EPSS

2024-05-11 12:00 AM
4
nessus
nessus

RHEL 6 : php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...

10AI Score

EPSS

2024-05-11 12:00 AM
8
nessus
nessus

RHEL 7 : libtiff (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libtiff: Heap-based buffer over-read in bmp2tiff (CVE-2017-9117) Heap-based buffer overflow in the...

10AI Score

0.126EPSS

2024-05-11 12:00 AM
5
nessus
nessus

RHEL 6 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tomcat: request mixup (CVE-2022-25762) When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80...

8.5AI Score

0.922EPSS

2024-05-11 12:00 AM
6
nessus
nessus

RHEL 5 : php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...

10AI Score

0.969EPSS

2024-05-11 12:00 AM
nessus
nessus

RHEL 6 : mozilla (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) Mozilla:...

9.7AI Score

0.38EPSS

2024-05-11 12:00 AM
1
nessus
nessus

RHEL 6 : firefox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. firefox: Possible integer overflow to fix inside XML_Parse in Expat (CVE-2016-9063) firefox: arbitrary...

8AI Score

0.012EPSS

2024-05-11 12:00 AM
5
nessus
nessus

RHEL 6 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel: lack of port...

8.7AI Score

EPSS

2024-05-11 12:00 AM
43
nessus
nessus

RHEL 8 : firefox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. firefox: mixed content warning is not displayed when HTTPS page loads a favicon over HTTP...

7.4AI Score

0.012EPSS

2024-05-11 12:00 AM
1
nessus
nessus

RHEL 7 : firefox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. firefox: Possible integer overflow to fix inside XML_Parse in Expat (CVE-2016-9063) firefox: arbitrary...

8AI Score

0.012EPSS

2024-05-11 12:00 AM
2
rocky
rocky

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

8.8CVSS

7.2AI Score

0.001EPSS

2024-05-10 02:32 PM
6
rocky
rocky

golang security update

An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...

7.5CVSS

7.3AI Score

0.0005EPSS

2024-05-10 02:32 PM
10
osv
osv

Important: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS...

7.6AI Score

0.0004EPSS

2024-05-10 02:32 PM
8
openbugbounty
openbugbounty

watchband24.de Cross Site Scripting vulnerability OBB-3927281

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-05-10 01:02 PM
7
githubexploit
githubexploit

Exploit for Improper Preservation of Permissions in Mobyproject Moby

CVE-2021-41091 Un bug en Moby (Docker Engine) permite a...

6.3CVSS

7.1AI Score

0.0005EPSS

2024-05-10 04:42 AM
136
zdt
zdt

Openmediavault Remote Code Execution / Local Privilege Escalation Exploit

Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive reverse....

7.4AI Score

2024-05-10 12:00 AM
44
rocky
rocky

glibc security update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries (libc), POSIX thread...

9.8AI Score

0.0005EPSS

2024-05-09 06:50 PM
36
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 29, 2024 to May 5, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 164 vulnerabilities disclosed in 145...

9.8CVSS

9.7AI Score

EPSS

2024-05-09 04:49 PM
13
redhat
redhat

(RHSA-2024:2799) Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...

8.8AI Score

0.0005EPSS

2024-05-09 02:11 PM
9
ibm
ibm

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components (e.g., framework libraries) that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details ** CVEID: CVE-2019-13224 DESCRIPTION: **oniguruma is vulnerable to a denial of service,...

10CVSS

10AI Score

0.05EPSS

2024-05-09 12:31 PM
12
securelist
securelist

APT trends report Q1 2024

For more than six years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research. They provide a representative snapshot of what we have published.....

7.7AI Score

2024-05-09 10:00 AM
20
nessus
nessus

AlmaLinux 8 : glibc (ALSA-2024:2722)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:2722 advisory. The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the...

7.7AI Score

0.0005EPSS

2024-05-09 12:00 AM
10
nessus
nessus

Oracle Linux 8 : glibc (ELSA-2024-2722)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2722 advisory. The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to...

7.4AI Score

0.0005EPSS

2024-05-09 12:00 AM
9
nessus
nessus

Rocky Linux 8 : glibc (RLSA-2024:2722)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2722 advisory. The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the...

7.6AI Score

0.0005EPSS

2024-05-09 12:00 AM
11
packetstorm

7.4AI Score

2024-05-09 12:00 AM
143
securelist
securelist

State of ransomware in 2024

Ransomware attacks continue to be one of the biggest contemporary cybersecurity threats, affecting organizations and individuals alike on a global scale. From high-profile breaches in healthcare and industrial sectors – compromising huge volumes of sensitive data or halting production entirely –...

8.5AI Score

2024-05-08 10:00 AM
8
githubexploit
githubexploit

Exploit for Code Injection in Vmware Spring Cloud Function

CVE-2022-22963 En las versiones 3.1.6, 3.2.2 y versiones...

9.8CVSS

9.8AI Score

0.975EPSS

2024-05-08 04:25 AM
171
oraclelinux
oraclelinux

glibc security update

[2.28-236.0.1.13] - Forward port of Oracle patches. Reviewed-by: Jose E....

6.3AI Score

0.0005EPSS

2024-05-08 12:00 AM
9
openvas
openvas

Ubuntu: Security Advisory (USN-6766-1)

The remote host is missing an update for...

7.8CVSS

8.1AI Score

EPSS

2024-05-08 12:00 AM
16
openvas
openvas

Ubuntu: Security Advisory (USN-6765-1)

The remote host is missing an update for...

7.8CVSS

8.1AI Score

EPSS

2024-05-08 12:00 AM
5
ibm
ibm

Security Bulletin: IBM Planning Analytics Local - Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Local - Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics Local - Planning Analytics Workspace 2.1.2 and IBM Planning Analytics Local -...

9.8CVSS

10AI Score

EPSS

2024-05-07 07:21 PM
15
ibm
ibm

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details...

9.8CVSS

9.9AI Score

0.073EPSS

2024-05-07 05:07 PM
8
Total number of security vulnerabilities51354