The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...
8.8CVSS
0.001EPSS
The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and above, to...
4.3CVSS
7AI Score
0.001EPSS
The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and above, to...
4.3CVSS
0.001EPSS
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client...
7AI Score
0.0004EPSS
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client...
0.0004EPSS
A possible request smuggling vulnerability exists through Envoy. This issue occurs if a server can be tricked into adding an upgrade header into a...
8.2CVSS
7.2AI Score
0.001EPSS
CVE-2024-36459 Cross-Site Scripting Vulnerability in Symantec SiteMinder Web Agent
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client...
0.0004EPSS
github.com/klauspost/compress/zstd is vulnerable to a Denial of service (DoS). The vulnerability is due to its zstd decompression implementation not respecting the limits imposed by gRPC, which allows attacker to trigger rapid and uncontrolled increases in memory usage on the server or...
7AI Score
The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.6.2 via the 'render_raw' function. This can allow authenticated attackers, with contributor-level permissions and above, to make web requests to arbitrary locations originating....
8.5CVSS
0.0005EPSS
The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.6.2 via the 'render_raw' function. This can allow authenticated attackers, with contributor-level permissions and above, to make web requests to arbitrary locations originating....
8.5CVSS
8.3AI Score
0.0005EPSS
org.elasticsearch: elasticsearch is vulnerable to Denial of Service (DoS). The vulnerability is due to a StackOverflow exception caused by dynamic field mapping of the passthrough type in an index template. An attacker can exploit this vulnerability by ingesting documents under specific conditions....
4.9CVSS
6.9AI Score
0.0004EPSS
CVE-2024-4404 ElementsKit PRO <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery
The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.6.2 via the 'render_raw' function. This can allow authenticated attackers, with contributor-level permissions and above, to make web requests to arbitrary locations originating....
8.5CVSS
0.0005EPSS
CVE-2024-4404 ElementsKit PRO <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery
The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.6.2 via the 'render_raw' function. This can allow authenticated attackers, with contributor-level permissions and above, to make web requests to arbitrary locations originating....
8.5CVSS
6.7AI Score
0.0005EPSS
github.com/projectdiscovery/interactsh is vulnerable to Arbitrary File Read/Write. The vulnerability is due to improper smb server restrictions which allows an attacker to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous...
9.8CVSS
7AI Score
0.001EPSS
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. This required allow_url_include to...
9.8CVSS
0.001EPSS
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. This required allow_url_include to...
9.8CVSS
9.7AI Score
0.001EPSS
Path traversal vulnerability in the web server of the Toshiba printer enables attacker to overwrite orginal files or add new ones to the printer. As for the affected products/models/versions, see the reference...
8.8CVSS
0.0004EPSS
Path traversal vulnerability in the web server of the Toshiba printer enables attacker to overwrite orginal files or add new ones to the printer. As for the affected products/models/versions, see the reference...
8.8CVSS
8.7AI Score
0.0004EPSS
[SECURITY] Fedora 39 Update: cyrus-imapd-3.8.3-1.fc39
The Cyrus IMAP (Internet Message Access Protocol) server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contac ts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP server is a scalable enterprise groupware system designed for use...
6.5CVSS
7.1AI Score
0.0005EPSS
CVE-2024-4936 Canto <= 3.0.8 - Unauthenticated Remote File Inclusion
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. This required allow_url_include to...
9.8CVSS
0.001EPSS
CVE-2024-4936 Canto <= 3.0.8 - Unauthenticated Remote File Inclusion
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. This required allow_url_include to...
9.8CVSS
7.5AI Score
0.001EPSS
CVE-2024-3497 Directory Traversal Remote Code Execution Vulnerability
Path traversal vulnerability in the web server of the Toshiba printer enables attacker to overwrite orginal files or add new ones to the printer. As for the affected products/models/versions, see the reference...
8.8CVSS
0.0004EPSS
CVE-2024-3497 Directory Traversal Remote Code Execution Vulnerability
Path traversal vulnerability in the web server of the Toshiba printer enables attacker to overwrite orginal files or add new ones to the printer. As for the affected products/models/versions, see the reference...
8.8CVSS
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev->le_mtu may not fall in the valid range. Move MTU from hci_dev to hci_conn to...
7AI Score
0.0004EPSS
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995 (PoC) SolarWinds Serv-U was susceptible to a...
8.6CVSS
6.8AI Score
0.001EPSS
[SECURITY] Fedora 40 Update: cyrus-imapd-3.8.3-1.fc40
The Cyrus IMAP (Internet Message Access Protocol) server provides access to personal mail, system-wide bulletin boards, news-feeds, calendar and contac ts through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP server is a scalable enterprise groupware system designed for use...
6.5CVSS
7.1AI Score
0.0005EPSS
Rejetto HFS (HTTP File Server) CVE-2024-23692 Vulnerability...
9.8CVSS
10AI Score
0.002EPSS
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure. Notes Author| Note ---|--- mdeslaur |.....
6.5CVSS
6.9AI Score
0.0004EPSS
Rocky Linux 8 : bind and dhcp (RLSA-2024:3271)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3271 advisory. * bind9: Parsing large DNS messages may cause excessive CPU load (CVE-2023-4408) * bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator...
7.5CVSS
9.3AI Score
0.05EPSS
Rocky Linux 8 : idm:DL1 and idm:client (RLSA-2024:3267)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3267 advisory. * JWCrypto: denail of service Via specifically crafted JWE (CVE-2023-6681) * python-jwcrypto: malicious JWE token can cause denial of service...
6.8CVSS
7AI Score
0.0004EPSS
Rocky Linux 8 : xorg-x11-server-Xwayland (RLSA-2024:3343)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3343 advisory. * xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080) * xorg-x11-server: Heap buffer overread/data leakage in.....
7.8CVSS
8AI Score
0.0005EPSS
7.4AI Score
AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
...
7.4AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
Rocky Linux 8 : kernel (RLSA-2024:3138)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3138 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): For more details about the security issue(s),...
9.8CVSS
7.7AI Score
EPSS
AlmaLinux 9 : libreoffice (ALSA-2024:3835)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3835 advisory. * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) * libreoffice: Insufficient macro permission...
8.8CVSS
9.2AI Score
0.001EPSS
Rocky Linux 8 : pcp (RLSA-2024:3264)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3264 advisory. * pcp: exposure of the redis server backend allows remote command execution via pmproxy (CVE-2024-3019) Tenable has extracted the preceding description block...
8.8CVSS
7.2AI Score
0.0004EPSS
Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6818-3)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-3 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer...
7.8CVSS
7.2AI Score
0.001EPSS
Oracle Linux 8 : ruby:3.1 (ELSA-2024-3546)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3546 advisory. ruby [3.1.5-143] - Upgrade to Ruby 3.1.5. Resolves: RHEL-35748 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35749 - Fix RCE...
7AI Score
EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2019-1 advisory. The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following...
9.8CVSS
8.4AI Score
0.005EPSS
Rejetto HTTP File Server 2.x Remote Code Execution
Rejetto HTTP File Server 2.x, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP...
8.4AI Score
Report Generation Fails with "lookup prometheus-server-exp: no such host"
Report Generation Fails with "lookup prometheus-server-exp: no such...
7.1AI Score
Rocky Linux 8 : kernel-rt (RLSA-2024:2950)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2950 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. ...
9.8CVSS
7.8AI Score
EPSS
tagDiv Composer < 4.9 - Authenticated (Contributor+) Local File Inclusion via Shortcode
Description The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'td_block_title' shortcode 'block_template_id' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions,...
8.8CVSS
7.9AI Score
0.001EPSS
Rocky Linux 9 : libreoffice (RLSA-2024:3835)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3835 advisory. * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) * libreoffice: Insufficient macro permission...
8.8CVSS
9.2AI Score
0.001EPSS
7.4AI Score
Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to successfully login to the mail or webmail server. These credentials can also be used to login to the administration panel and to perform privileged...
0.0004EPSS
Rocky Linux 9 : glibc (RLSA-2024:3339)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3339 advisory. * glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (CVE-2024-2961) * glibc: stack-based buffer overflow in netgroup cache...
7.7AI Score
0.0005EPSS
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2024:3253)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3253 advisory. * libvirt: negative g_new0 length can lead to unbounded memory allocation (CVE-2024-2494) Tenable has extracted the preceding description block directly from the.....
6.2CVSS
9.4AI Score
0.001EPSS
Rocky Linux 8 : tomcat (RLSA-2024:3666)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3666 advisory. * Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug...
7.1AI Score
0.0004EPSS