Lucene search

K

Alaris GS, Alaris GH, Alaris CC, And Alaris TIVA Security Vulnerabilities

osv
osv

Low: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

6.9AI Score

0.0004EPSS

2024-06-14 01:59 PM
rocky
rocky

iotop bug fix and enhancement update

An update is available for iotop. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10.....

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

mdadm bug fix and enhancement update

An update is available for mdadm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10.....

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

gdk-pixbuf2 security update

An update is available for gdk-pixbuf2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gdk-pixbuf2 packages provide an image loading library that can be...

7.8CVSS

7.1AI Score

0.001EPSS

2024-06-14 01:59 PM
rocky
rocky

freeipmi bug fix and enhancement update

An update is available for freeipmi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

glibc security update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries (libc), POSIX thread...

7.5AI Score

0.0004EPSS

2024-06-14 01:59 PM
osv
osv

Moderate: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fix(es): cockpit: command injection when deleting a sosreport with a...

7.3CVSS

7.2AI Score

0.0004EPSS

2024-06-14 01:59 PM
rocky
rocky

fuse bug fix and enhancement update

An update is available for fuse. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10...

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

dnf-plugins-core bug fix and enhancement update

An update is available for dnf-plugins-core. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky.....

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

rdma-core bug fix and enhancement update

An update is available for rdma-core. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

numactl bug fix and enhancement update

An update is available for numactl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

bind and dhcp security update

An update is available for dhcp, bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain (BIND) is an implementation of the...

7.5CVSS

7.8AI Score

0.05EPSS

2024-06-14 01:59 PM
1
rocky
rocky

sssd security update

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon (SSSD) service provides a set of daemons to....

7.1CVSS

7.2AI Score

0.0004EPSS

2024-06-14 01:59 PM
rocky
rocky

gcc bug fix update

An update is available for gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and...

7.3AI Score

2024-06-14 01:59 PM
rocky
rocky

libsoup bug fix and enhancement update

An update is available for libsoup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.1....

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

5.3CVSS

7.2AI Score

0.001EPSS

2024-06-14 01:59 PM
rocky
rocky

acl bug fix and enhancement update

An update is available for acl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.1...

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

intel-cmt-cat bug fix and enhancement update

An update is available for intel-cmt-cat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

tuned bug fix and enhancement update

An update is available for tuned. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10.....

6.8AI Score

2024-06-14 01:59 PM
osv
osv

Moderate: squashfs-tools security update

SquashFS is a highly compressed read-only file system for Linux. These packages contain the utilities for manipulating squashfs file systems. Security Fix(es): squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153) squashfs-tools: possible Directory...

8.1CVSS

6.7AI Score

0.009EPSS

2024-06-14 01:59 PM
rocky
rocky

kexec-tools bug fix and enhancement update

An update is available for kexec-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux....

6.8AI Score

2024-06-14 01:59 PM
osv
osv

Moderate: sssd security update

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end...

7.1CVSS

7.1AI Score

0.0004EPSS

2024-06-14 01:59 PM
osv
osv

Moderate: kernel update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340) kernel:...

7.8CVSS

7.7AI Score

0.001EPSS

2024-06-14 01:59 PM
rocky
rocky

c-ares bug fix and enhancement update

An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10....

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

realmd bug fix and enhancement update

An update is available for realmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10....

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

grub2 security update

An update is available for grub2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB),.....

7.8CVSS

7AI Score

0.001EPSS

2024-06-14 01:59 PM
rocky
rocky

krb5 security update

An update is available for krb5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of.....

7AI Score

0.0004EPSS

2024-06-14 01:59 PM
rocky
rocky

perl-HTTP-Tiny bug fix and enhancement update

An update is available for perl-HTTP-Tiny. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

alsa-sof-firmware bug fix and enhancement update

An update is available for alsa-sof-firmware. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky....

6.8AI Score

2024-06-14 01:59 PM
rocky
rocky

traceroute security update

An update is available for traceroute. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The traceroute utility displays the route used by IP packets on their way....

5.5CVSS

6.6AI Score

0.0004EPSS

2024-06-14 01:59 PM
1
cvelist
cvelist

CVE-2024-5731

A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination of a request by manipulating the parameter, thereby leveraging sensitive...

6.8CVSS

0.0004EPSS

2024-06-14 01:57 PM
2
vulnrichment
vulnrichment

CVE-2024-5731

A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination of a request by manipulating the parameter, thereby leveraging sensitive...

6.8CVSS

6.5AI Score

0.0004EPSS

2024-06-14 01:57 PM
cvelist
cvelist

CVE-2024-5671

Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS...

9.8CVSS

0.0004EPSS

2024-06-14 01:52 PM
4
vulnrichment
vulnrichment

CVE-2024-5671

Insecure Deserialization in some workflows of the IPS Manager allows unauthenticated remote attackers to perform arbitrary code execution and access to the vulnerable Trellix IPS...

9.8CVSS

8.2AI Score

0.0004EPSS

2024-06-14 01:52 PM
3
redhatcve
redhatcve

CVE-2024-26594

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate mech token in session setup If client send invalid mech token in session setup request, ksmbd validate and make the error if it is...

7.1CVSS

6.8AI Score

0.0004EPSS

2024-06-14 01:43 PM
redhatcve
redhatcve

CVE-2024-26592

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbd_tcp_new_connection() The race is between the handling of a new TCP connection and its disconnection. It leads to UAF on struct tcp_transport in ksmbd_tcp_new_connection()...

7.8CVSS

6.7AI Score

0.0004EPSS

2024-06-14 01:43 PM
thn
thn

Learn to Secure Petabyte-Scale Data in a Webinar with Industry Titans

Data is growing faster than ever. Remember when petabytes (that's 1,000,000 gigabytes!) were only for tech giants? Well, that's so last decade! Today, businesses of all sizes are swimming in petabytes. But this isn't just about storage anymore. This data is ALIVE—it's constantly accessed,...

7.1AI Score

2024-06-14 01:21 PM
10
thn
thn

Google's Privacy Sandbox Accused of User Tracking by Austrian Non-Profit

Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb (none of your business) said the feature can still be used to track users. "While the so-called 'Privacy Sandbox' is advertised.....

6.8AI Score

2024-06-14 01:21 PM
4
cve
cve

CVE-2024-2024

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...

8.8CVSS

8.9AI Score

0.001EPSS

2024-06-14 01:15 PM
9
nvd
nvd

CVE-2024-2024

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...

8.8CVSS

0.001EPSS

2024-06-14 01:15 PM
3
nvd
nvd

CVE-2024-2023

The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and above, to...

4.3CVSS

0.001EPSS

2024-06-14 01:15 PM
4
cve
cve

CVE-2024-2023

The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and above, to...

4.3CVSS

4.5AI Score

0.001EPSS

2024-06-14 01:15 PM
7
vulnrichment
vulnrichment

CVE-2024-2024 Folders Pro <= 3.0.2 - Authenticated(Author+) Arbitrary File Upload via handle_folders_file_upload

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...

8.8CVSS

7.7AI Score

0.001EPSS

2024-06-14 12:51 PM
cvelist
cvelist

CVE-2024-2024 Folders Pro <= 3.0.2 - Authenticated(Author+) Arbitrary File Upload via handle_folders_file_upload

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...

8.8CVSS

0.001EPSS

2024-06-14 12:51 PM
1
vulnrichment
vulnrichment

CVE-2024-2023 Folders <= 3.0 and Folders Pro <= 3.0.2 - Directory Traversal via handle_folders_file_upload

The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and above, to...

4.3CVSS

7AI Score

0.001EPSS

2024-06-14 12:50 PM
cvelist
cvelist

CVE-2024-2023 Folders <= 3.0 and Folders Pro <= 3.0.2 - Directory Traversal via handle_folders_file_upload

The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and above, to...

4.3CVSS

0.001EPSS

2024-06-14 12:50 PM
2
openbugbounty
openbugbounty

twojadieta.iq.pl Cross Site Scripting vulnerability OBB-3935258

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-14 12:24 PM
4
cve
cve

CVE-2024-36459

A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client...

7AI Score

0.0004EPSS

2024-06-14 12:15 PM
9
nvd
nvd

CVE-2024-36459

A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client...

0.0004EPSS

2024-06-14 12:15 PM
1
openbugbounty
openbugbounty

viciochat.org Cross Site Scripting vulnerability OBB-3935254

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-14 12:14 PM
3
Total number of security vulnerabilities2647848