Lucene search

K

Armoury Crate & Aura Creator Installer (ROG Live Service) Security Vulnerabilities

vulnrichment
vulnrichment

CVE-2022-40225

A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cau...

6.5CVSS

6.8AI Score

0.0004EPSS

2024-06-11 02:19 PM
cve
cve

CVE-2022-40225

A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cau...

6.5CVSS

6.2AI Score

0.0004EPSS

2024-06-11 02:19 PM
37
4
cvelist
cvelist

CVE-2024-37294 Aimeos denial of service vulnerability in SaaS and marketplace setups

Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-core package to...

5.5CVSS

0.0004EPSS

2024-06-11 02:16 PM
1
vulnrichment
vulnrichment

CVE-2024-37294 Aimeos denial of service vulnerability in SaaS and marketplace setups

Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-core package to...

5.5CVSS

6.8AI Score

0.0004EPSS

2024-06-11 02:16 PM
nvd
nvd

CVE-2024-2011

A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security...

8.6CVSS

0.0004EPSS

2024-06-11 02:15 PM
3
cve
cve

CVE-2024-2011

A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security...

8.6CVSS

8.8AI Score

0.0004EPSS

2024-06-11 02:15 PM
19
cvelist
cvelist

CVE-2024-2011

A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security...

8.6CVSS

0.0004EPSS

2024-06-11 01:24 PM
2
nvd
nvd

CVE-2024-35292

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All...

8.2CVSS

0.0004EPSS

2024-06-11 12:15 PM
cve
cve

CVE-2024-35292

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All...

8.2CVSS

6.9AI Score

0.0004EPSS

2024-06-11 12:15 PM
21
cve
cve

CVE-2023-50763

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-...

4.9CVSS

6.8AI Score

0.0004EPSS

2024-06-11 12:15 PM
18
nvd
nvd

CVE-2023-50763

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-...

4.9CVSS

0.0004EPSS

2024-06-11 12:15 PM
2
ics
ics

Schneider Electric APC Easy UPS Online Monitoring Software (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity/Public exploits available Vendor: Schneider Electric Equipment: APC Easy UPS Online Monitoring Software Vulnerability: OS Command Injection, Missing Authentication for Critical Function 2. RISK...

9.8CVSS

10AI Score

0.003EPSS

2024-06-11 12:00 PM
14
malwarebytes
malwarebytes

23andMe data breach under joint investigation in two countries

The British and Canadian privacy authorities have announced they will undertake a joint investigation into the data breach at global genetic testing company 23andMe that was discovered in October 2023. On Friday October 6, 2023, 23andMe confirmed via a somewhat opaque blog post that cybercriminals....

6.8AI Score

2024-06-11 11:38 AM
1
vulnrichment
vulnrichment

CVE-2024-35292

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All...

8.2CVSS

6.9AI Score

0.0004EPSS

2024-06-11 11:15 AM
1
cvelist
cvelist

CVE-2024-35292

A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All versions), SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) (All versions), SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) (All...

8.2CVSS

0.0004EPSS

2024-06-11 11:15 AM
2
vulnrichment
vulnrichment

CVE-2023-50763

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-...

4.9CVSS

6.8AI Score

0.0004EPSS

2024-06-11 11:15 AM
1
cvelist
cvelist

CVE-2023-50763

A vulnerability has been identified in SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-...

4.9CVSS

0.0004EPSS

2024-06-11 11:15 AM
3
thn
thn

Top 10 Critical Pentest Findings 2024: What You Need to Know

One of the most effective ways for information technology (IT) professionals to uncover a company's weaknesses before the bad guys do is penetration testing. By simulating real-world cyberattacks, penetration testing, sometimes called pentests, provides invaluable insights into an organization's...

9.8CVSS

8.9AI Score

0.975EPSS

2024-06-11 11:00 AM
malwarebytes
malwarebytes

When things go wrong: A digital sharing warning for couples

“When things go wrong” is a troubling prospect for most couples to face, but the internet—and the way that romantic partners engage both with and across it—could require that this worst-case scenario become more of a best practice. In new research that Malwarebytes will release this month,...

6.9AI Score

2024-06-11 10:55 AM
3
nuclei
nuclei

SecurEnvoy Two Factor Authentication - LDAP Injection

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...

7.5CVSS

7.6AI Score

0.013EPSS

2024-06-11 10:28 AM
2
ibm
ibm

Security Bulletin: Spring vulnerability in embedded components may affect IBM Business Automation Workflow - CVE-2024-22243

Summary IBM Business Automation Workflow is vulnerable to a open redirect attack. Vulnerability Details ** CVEID: CVE-2024-22243 DESCRIPTION: **VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability when using...

8.1CVSS

6.5AI Score

0.0004EPSS

2024-06-11 09:50 AM
veracode
veracode

Denial Of Service (DoS)

langchain is vulnerable to a Denial-of-Service (DoS). The vulnerability is due to infinite recursion in the parse_sitemap method, which results in an infinite loop that exceeds the maximum recursion depth in...

4.2CVSS

6.7AI Score

0.0004EPSS

2024-06-11 08:54 AM
1
securelist
securelist

QR code SQL injection and other vulnerabilities in a popular biometric terminal

Biometric scanners offer a unique way to resolve the conflict between security and usability. They help to identify a person by their unique biological characteristics – a fairly reliable process that does not require the user to exert any extra effort. Yet, biometric scanners, as any other tech,.....

10CVSS

9AI Score

0.0004EPSS

2024-06-11 08:00 AM
6
mscve

7.3CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
1
mscve

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
3
mscve

7.8CVSS

7.1AI Score

0.001EPSS

2024-06-11 07:00 AM
5
mscve

8.8CVSS

7.1AI Score

0.001EPSS

2024-06-11 07:00 AM
127
mscve

7.5CVSS

7.1AI Score

0.0005EPSS

2024-06-11 07:00 AM
1
mscve

7.8CVSS

7.1AI Score

0.001EPSS

2024-06-11 07:00 AM
1
mscve

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
2
mscve

7CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
3
mscve

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
1
mscve

7CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
mscve

7.5CVSS

7.1AI Score

0.0005EPSS

2024-06-11 07:00 AM
2
mscve

8CVSS

7.1AI Score

0.001EPSS

2024-06-11 07:00 AM
3
mscve

9.8CVSS

7.1AI Score

0.003EPSS

2024-06-11 07:00 AM
4
mscve

7CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
3
mscve

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
mscve

5.5CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
mscve

7.8CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
1
mscve

6.8CVSS

7.1AI Score

0.0005EPSS

2024-06-11 07:00 AM
1
mscve

7.5CVSS

7.1AI Score

0.0005EPSS

2024-06-11 07:00 AM
2
mscve

6.7CVSS

7.1AI Score

0.0004EPSS

2024-06-11 07:00 AM
1
thn
thn

Snowflake Breach Exposes 165 Customers' Data in Ongoing Extortion Campaign

As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought. Google-owned Mandiant, which is assisting the.....

8AI Score

2024-06-11 06:52 AM
nvd
nvd

CVE-2024-31399

Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, processing a crafted mail may cause a denial-of-service (DoS)...

0.0004EPSS

2024-06-11 06:15 AM
1
cve
cve

CVE-2024-31397

Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service (DoS)...

6.8AI Score

0.0004EPSS

2024-06-11 06:15 AM
20
nvd
nvd

CVE-2024-31397

Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service (DoS)...

0.0004EPSS

2024-06-11 06:15 AM
1
Total number of security vulnerabilities481402