Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the...
7.2CVSS
6.9AI Score
0.0004EPSS
Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the...
7.2CVSS
6.9AI Score
0.0004EPSS
CVE-2021-22280 DLL Hijacking Vulnerability in Automation Studio
Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the...
7.2CVSS
7AI Score
0.0004EPSS
5 key MDR differentiators to look for to build stronger security resilience
Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace. We’ve seen predictions from top analyst firms signaling the rapid rate of adoption of an MDR provider by 2025......
7.2AI Score
An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R.....
7.2CVSS
6.9AI Score
0.0004EPSS
CVE-2024-2637 Insecure Loading of Code in B&R Products
An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R.....
7.2CVSS
7.2AI Score
0.0004EPSS
CVE-2024-2637 Insecure Loading of Code in B&R Products
An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R.....
7.2CVSS
7AI Score
0.0004EPSS
A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects NI FlexLogger...
7.8CVSS
7.8AI Score
0.001EPSS
Mitsubishi Electric Multiple FA Engineering Software Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.0 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: Multiple FA Engineering Software Products Vulnerabilities: Improper Privilege Management, Uncontrolled Resource Consumption, Out-of-bounds Write, Improper Privilege Management 2....
8AI Score
EPSS
Johnson Controls Software House C-CURE 9000
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Low attack complexity Vendor: Johnson Controls Equipment: Software House C●CURE 9000 Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to...
7.1AI Score
0.0004EPSS
Rockwell Automation FactoryTalk Remote Access
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Factory Talk Remote Access Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to enter a...
7.5CVSS
7.5AI Score
0.0004EPSS
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: Subnet Solutions Inc. Equipment: PowerSYSTEM Center Vulnerabilities: Reliance on Insufficiently Trustworthy Component 2. RISK EVALUATION Successful exploitation of the vulnerabilities in components used by...
8.4CVSS
8.1AI Score
0.0004EPSS
May 14, 2024—KB5037771 (OS Builds 22621.3593 and 22631.3593)
May 14, 2024—KB5037771 (OS Builds 22621.3593 and 22631.3593) For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 23H2, see its update history page. Note Follow...
8.8CVSS
7.7AI Score
0.008EPSS
Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
7.8CVSS
7.4AI Score
0.0004EPSS
Brother Printers Multiple Vulnerabilities (Mar 2024)
Multiple Brother printers are prone to multiple...
6.7AI Score
0.0004EPSS
Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-6767-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6767-2 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the...
7.8CVSS
8AI Score
0.0004EPSS
Rocky Linux 9 : kernel (RLSA-2024:2758)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2758 advisory. A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker...
6.5CVSS
6.7AI Score
EPSS
7.4AI Score
Brother Printers Improper Authentication Vulnerability (Mar 2024)
Multiple Brother printers are prone to an improper authentication ...
6.7AI Score
0.0004EPSS
Ubuntu 22.04 LTS : strongSwan vulnerability (USN-6772-1)
The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6772-1 advisory. strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When...
7.7CVSS
7.7AI Score
0.0004EPSS
Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM
Command Your Attack Surface with a next-gen SIEM built for the Cloud First Era Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM. In a crowded and constantly changing space, this is our sixth time to be recognized in the report....
7.3AI Score
BypassFuzzer - Fuzz 401/403/404 Pages For Bypasses
The original 403fuzzer.py :) Fuzz 401/403ing endpoints for bypasses This tool performs various checks via headers, path normalization, verbs, etc. to attempt to bypass ACL's or URL validation. It will output the response codes and length for each request, in a nicely organized, color coded way so.....
7.5AI Score
Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : SQL parse vulnerability (USN-6771-1)
The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6771-1 advisory. Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. (CVE-2024-4340) Note that Nessus...
7.5CVSS
7.5AI Score
0.0004EPSS
7.4AI Score
7.4AI Score
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12380)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12380 advisory. This CVE was assigned by Intel. Please see CVE-2024-2201 on CVE.org for more information. (CVE-2024-2201) Note that Nessus has not tested for this issue...
7.1AI Score
EPSS
7.4AI Score
About the security content of iOS 16.7.8 and iPadOS 16.7.8
About the security content of iOS 16.7.8 and iPadOS 16.7.8 This document describes the security content of iOS 16.7.8 and iPadOS 16.7.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
8.8CVSS
8.3AI Score
0.002EPSS
RHEL 8 : libyang (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libyang: NULL pointer dereference in read_yin_leaf() (CVE-2021-28906) libyang: NULL pointer dereference...
8.1AI Score
0.001EPSS
SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2024:1582-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1582-1 advisory. A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to...
7.8CVSS
8AI Score
0.002EPSS
RHEL 6 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...
10AI Score
EPSS
RHEL 7 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php: Use of...
10AI Score
EPSS
RHEL 6 : python-lxml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) An...
7.6AI Score
0.013EPSS
RHEL 7 : python-lxml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) An...
6.8AI Score
0.013EPSS
RHEL 6 : python (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python: Heap overflow in zipimporter module (CVE-2016-5636) python: XML External Entity in XML...
9.5AI Score
0.038EPSS
RHEL 5 : python (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python: Heap overflow in zipimporter module (CVE-2016-5636) python: Stack-based buffer overflow in...
9.4AI Score
0.038EPSS