Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-3302)
The remote host is missing an update for the Huawei...
7.5CVSS
8.6AI Score
0.732EPSS
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-3273)
The remote host is missing an update for the Huawei...
7.5CVSS
8.6AI Score
0.732EPSS
Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affect the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details CVEID: CVE-2023-21930 DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise...
7.4CVSS
7AI Score
0.002EPSS
Story of the year: the impact of AI on cybersecurity
In the whirlwind of technological advancements and societal transformations, the term "AI" has undoubtedly etched itself into the forefront of global discourse. Over the past twelve months, this abbreviation has resonated across innumerable headlines, business surveys and tech reports, firmly...
7.7AI Score
(RHSA-2023:7710) Important: Red Hat OpenShift for Windows Containers 7.2.0 security update
Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server nodes. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) kubernetes: Insufficient input sanitization...
9.5AI Score
0.732EPSS
Summary IBM Operations Analytics Predictive Insights uses IBM® SDK, Java™ Technology Edition, and vulnerability CVE-2022-40609 may expose the Java process to a variety of malicious attacks. Vulnerability Details CVEID: CVE-2022-40609 DESCRIPTION: IBM SDK, Java Technology Edition 7.1.5.18 and...
9.8CVSS
7.4AI Score
0.003EPSS
Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code...
7.8CVSS
0.0004EPSS
Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code...
7.8CVSS
7.9AI Score
0.0004EPSS
Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code...
7.8CVSS
7.9AI Score
0.0004EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 used by IBM System Networking Switch Center (SNSC). These issues were disclosed as part of the IBM Java SDK updates in January 2018 and April 2018. Vulnerability Details CVEID: CVE-2018-2579 DESCRIPTION: An...
5.3CVSS
1.4AI Score
0.004EPSS
Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code...
8.1AI Score
0.0004EPSS
(RHSA-2023:7704) Important: OpenShift Virtualization 4.14.1 security and bug fix update
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.14.1 images. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)...
7.3AI Score
0.732EPSS
(RHSA-2023:7703) Important: Red Hat OpenShift Pipelines 1.10.6 release and security update
Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments across multiple platforms such as Kubernetes,...
7.4AI Score
0.732EPSS
Red Hat OpenShift Pipelines Client, tkn for the 1.10.6 release, provides a CLI tool to interact with the Pipelines and Triggers components provided by Red Hat OpenShift Pipelines 1.10.6. The tkn CLI tool is delivered as an RPM package for installation on RHEL platforms, and as binaries for...
7.3AI Score
0.732EPSS
2024 Predictions for Cybersecurity: The Rise of AI Brings New Challenges
The emergence of generative AI has put new resources in the hands of both attackers and defenders, and in 2024, Imperva believes the technology will have an even greater impact. Understanding how attackers are leveraging the technology will be critical for organizations seeking to keep...
7.2AI Score
Integrated DFIR Tool Can Simplify and Accelerate Cyber Forensics
Explore real use cases demonstrating the transformative impact of Trend Vision One™ – Forensics, an integrated Digital Forensics and Incident Response (DFIR)...
7.4AI Score
(RHSA-2023:7610) Important: OpenShift Container Platform 4.12.45 packages and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.45. See the following advisory for the container...
7.4AI Score
0.732EPSS
(RHSA-2023:7608) Important: OpenShift Container Platform 4.12.45 bug fix and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.45. See the following advisory for the RPM...
7.4AI Score
0.732EPSS
First announced in March 2023, Microsoft Security Copilot—Microsoft's first generative AI security product—has sparked major interest. The widespread enthusiasm was on full display after announcing our Early Access Program in October 2023 and sharing our incredible Security Copilot innovations at.....
7.6AI Score
(RHSA-2023:7607) Important: OpenShift Container Platform 4.12.45 security and extras update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.45. See the following advisory for the container...
7.4AI Score
0.732EPSS
(RHSA-2023:7604) Important: OpenShift Container Platform 4.13.25 bug fix and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.25. See the following advisory for the RPM...
8.3AI Score
0.002EPSS
(RHSA-2023:7662) Important: Red Hat OpenShift for Windows Containers 6.0.3 security update
Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) kubernetes: Insufficient input...
8.5AI Score
0.732EPSS
(RHSA-2023:7602) Important: OpenShift Container Platform 4.13.25 security and extras update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.25. See the following advisory for the container...
8.3AI Score
0.002EPSS
Imperva named an Overall Leader We're thrilled to share that Imperva has achieved the prestigious status of Overall Leader in the KuppingerCole Leadership Compass: API Security and Management report. Our Leadership excels across the sub-categories of Product, Innovation, and Market Leadership and.....
7.3AI Score
This release of Red Hat Integration - Service Registry 2.5.4 GA includes the following security fixes. Security Fix(es): undertow: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) [rhint-serv-2] (CVE-2023-44487) quarkus-vertx-http: quarkus: HTTP...
9.2AI Score
0.732EPSS
(RHSA-2023:7599) Important: OpenShift Container Platform 4.14.5 bug fix and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.14.5. See the following advisory for the RPM...
7.7AI Score
0.732EPSS
7.8CVSS
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.4AI Score
0.0004EPSS
CVE-2023-33087 Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Core
Memory corruption in Core while processing RX intent...
7.8CVSS
8AI Score
0.0004EPSS
(RHSA-2023:7641) Important: Red Hat JBoss Enterprise Application Platform 7.4.14 security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug...
7AI Score
0.732EPSS
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug...
7AI Score
0.732EPSS
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug...
7AI Score
0.732EPSS
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.13, and includes bug...
9.1AI Score
0.732EPSS
New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices
Cybersecurity researchers have discovered a new variant of an emerging botnet called P2PInfect that's capable of targeting routers and IoT devices. The latest version, per Cado Security Labs, is compiled for Microprocessor without Interlocked Pipelined Stages (MIPS) architecture, broadening its...
10CVSS
7.3AI Score
0.971EPSS
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 9 (RHSA-2023:7639)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7639 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
8.4AI Score
0.732EPSS
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 7 (RHSA-2023:7637)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7637 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
8.4AI Score
0.732EPSS
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 8 (RHSA-2023:7638)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7638 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
8.4AI Score
0.732EPSS
FreeBSD : varnish -- HTTP/2 Rapid Reset Attack (f25a34b1-910d-11ee-a1a2-641c67a117d8)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f25a34b1-910d-11ee-a1a2-641c67a117d8 advisory. The HTTP/2 protocol allows a denial of service (server resource consumption) because request...
7.5CVSS
7.5AI Score
0.732EPSS
Accelerating Cloud-Native Data Security Deployments at Scale with Imperva’s eDSF Kit
Today's evolving digital landscape and the rapid expansion of cloud technologies have necessitated a shift in the approach of deploying and managing data security across multiple platforms. Traditional methods of manual deployment of data activity monitoring, risk analytics, and threat detection...
7AI Score
Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable issues, CVE-2023-22045 and CVE-2023-22049. Vulnerability Details CVEID: CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE...
3.7CVSS
6.4AI Score
0.001EPSS
Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries. At the beginning of 2023, the average strength of attacks reached 800 Gbps, but now, even a peak as high as 1.5+ Tbps is unsurprising. To try and break through...
7.2AI Score
8.8CVSS
7AI Score
0.002EPSS
Summary IBM® Db2® is vulnerable to denial of service with a specially crafted XML query statement. Vulnerability Details CVEID: CVE-2023-38728 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted XML query...
7.5CVSS
7.5AI Score
0.001EPSS
Summary IBM® Db2® is vulnerable to an information disclosure vulnerability due to the consumed GSKit library. Vulnerability Details CVEID: CVE-2023-33850 DESCRIPTION: IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the...
7.5CVSS
7.4AI Score
0.001EPSS
Summary IBM® Db2® is vulnerable to denial of service with a specially crafted ALTER TABLE statement. Vulnerability Details CVEID: CVE-2023-38720 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted ALTER...
7.5CVSS
7.5AI Score
0.001EPSS
Summary IBM® Db2® is vulnerable to denial of service with a specially crafted query. Vulnerability Details CVEID: CVE-2023-30991 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query. CVSS Base score:...
7.5CVSS
7.4AI Score
0.001EPSS
Summary IBM® Db2® is vulnerable to denial of service via a specially crafted query on certain databases. Vulnerability Details CVEID: CVE-2023-30987 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a...
7.5CVSS
7.5AI Score
0.001EPSS
Summary IBM® Db2® is vulnerable to denial of service with a specially crafted query containing common table expressions. Vulnerability Details CVEID: CVE-2023-40373 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a...
7.5CVSS
7.8AI Score
0.001EPSS