An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...
5.3CVSS
5.6AI Score
0.0004EPSS
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...
5.3CVSS
5.6AI Score
0.0004EPSS
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...
5.3CVSS
7.2AI Score
0.0004EPSS
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...
5.3CVSS
5.8AI Score
0.0004EPSS
An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...
5.3CVSS
5.8AI Score
0.0004EPSS
RHEL 8 : Red Hat Product OCP Tools 4.14 Openshift Jenkins (RHSA-2023:7288)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7288 advisory. snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857) maven-shared-utils: Command...
9.8CVSS
9.1AI Score
0.972EPSS
RHEL 8 / 9 : OpenShift Container Platform 4.13.23 (RHSA-2023:7325)
The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:7325 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) Note that Nessus has not...
7.5CVSS
8.3AI Score
0.732EPSS
RHEL 9 : Red Hat OpenStack Platform 17.1.1 (RHSA-2023:5969)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5969 advisory. The etcd packages provide a highly available key-value store for shared configuration. Security Fix(es): * golang: net/http, x/net/http2:...
7.5CVSS
8.9AI Score
0.732EPSS
Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference Vulnerability
Elber Wayber Analog/Digital Audio STL version 4.00 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure...
7.5AI Score
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference Vulnerability
Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure...
7.5AI Score
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object Reference Vulnerability
Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure...
7.5AI Score
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference Vulnerability
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link suffers from an unauthenticated device configuration and client-side hidden functionality disclosure...
7.5AI Score
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference Vulnerability
Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an unauthenticated device configuration and client-side hidden functionality disclosure...
7.5AI Score
RHEL 7 : python-django (RHSA-2015:1894)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1894 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as...
6.5AI Score
0.024EPSS
[SECURITY] Fedora 38 Update: python-django3-3.2.25-2.fc38
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself)...
7.5CVSS
7.6AI Score
0.001EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
PAN Rapid Check Simple(you should probably just do this in...
7.2AI Score
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1321-1)
The remote host is missing an update for...
7.8CVSS
7.2AI Score
EPSS
(RHSA-2024:1765) Important: OpenShift Container Platform 4.14.21 bug fix and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.14.21. See the following advisory for the RPM...
7.4AI Score
0.732EPSS
[SECURITY] Fedora 39 Update: python-django-4.2.11-2.fc39
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself)...
7.5CVSS
7.3AI Score
0.001EPSS
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference
...
7.4AI Score
7.4AI Score
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8CVSS
8AI Score
EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...
7.8CVSS
8.4AI Score
EPSS
7.4AI Score
7.4AI Score
7.4AI Score
Oracle Patch Update, April 2024 Security Update Review
Oracle released its second quarterly edition of Critical Patch Update, which contains patches for 441 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families, including...
9.8CVSS
10AI Score
0.023EPSS
GenAI: A New Headache for SaaS Security Teams
The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI....
6.9AI Score
In the Linux kernel, the following vulnerability has been resolved: i2c: qcom-geni: Correct I2C TRE sequence For i2c read operation in GSI mode, we are getting timeout due to malformed TRE basically incorrect TRE sequence in gpi(drivers/dma/qcom/gpi.c) driver. I2C driver has...
6.3AI Score
0.0004EPSS
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config
Title: Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config Advisory ID: ZSL-2024-5821 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS Risk: (5/5) Release Date: 17.04.2024 Summary ESE (Elber Satellite Equipment) product line, designed for the high-end...
7.4AI Score
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Device Config
Title: Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Device Config Advisory ID: ZSL-2024-5815 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS Risk: (5/5) Release Date: 17.04.2024 Summary The SIGNUM controller from Elber satellite equipment demodulates...
7.3AI Score
RHEL 8 / 9 : OpenShift Container Platform 4.12.45 (RHSA-2023:7610)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7610 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) ...
8CVSS
8.1AI Score
0.732EPSS
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config
Title: Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config Advisory ID: ZSL-2024-5817 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS Risk: (5/5) Release Date: 17.04.2024 Summary Cleber offers a powerful, flexible and modular hardware and...
7.3AI Score
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config
Title: Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Advisory ID: ZSL-2024-5819 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS Risk: (5/5) Release Date: 17.04.2024 Summary The REBLE610 features an accurate hardware design, absence of...
7.4AI Score
RHEL 8 : OpenShift Container Platform 4.11.54 (RHSA-2023:7481)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:7481 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...
7.5CVSS
8.8AI Score
0.732EPSS
Elber Wayber Analog/Digital Audio STL 4.00 Device Config
Title: Elber Wayber Analog/Digital Audio STL 4.00 Device Config Advisory ID: ZSL-2024-5823 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS Risk: (5/5) Release Date: 17.04.2024 Summary Wayber II is the name of an analogue/digital microwave link able to...
7.3AI Score
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11, Apache Commons Compress and Apache Commons Configuration used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF2 has addressed the applicable CVEs by upgrading to non-vulnerable versions of these libraries. Please...
8.1CVSS
8.3AI Score
0.001EPSS
(RHSA-2024:1770) Important: OpenShift Container Platform 4.15.9 bug fix and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.15.9. See the following advisory for the RPM...
7.3AI Score
0.732EPSS
Five Key Takeaways from the 2024 Imperva Bad Bot Report
Bad bots continue to affect consumers and organizations across all sectors. For over eleven years, Imperva has been dedicated to helping organizations manage and mitigate the threat of bad bots. We’ve published the 2024 Imperva Bad Bot Report as part of our commitment to helping organizations...
7AI Score
Keras 2 Lambda Layers Allow Arbitrary Code Injection in TensorFlow Models
Overview Lambda Layers in third party TensorFlow-based Keras models allow attackers to inject arbitrary code into versions built prior to Keras 2.13 that may then unsafely run with the same permissions as the running application. For example, an attacker could use this feature to trojanize a...
7.1AI Score
0.0004EPSS
Debian dsa-5662 : apache2 - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5662 advisory. Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. (CVE-2023-31122) Faulty...
7.5CVSS
8.2AI Score
0.732EPSS
AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead
Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now....
8.3AI Score
[SECURITY] Fedora 40 Update: python-django-4.2.11-2.fc40
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself)...
7.5CVSS
7.3AI Score
0.001EPSS
Debian dsa-5658 : affs-modules-6.1.0-11-4kc-malta-di - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5658 advisory. A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in...
8CVSS
7.6AI Score
EPSS
Summary Db2 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. Vulnerability Details ** CVEID: CVE-2021-20373 DESCRIPTION: **IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable...
7.5CVSS
7.6AI Score
0.001EPSS
QIDs/CVEs When it comes to cybersecurity, speed is key in getting an edge over attackers. But when you consider that vulnerabilities weaponize 24 days faster than then they are remediated on average, cybersecurity stakeholders have a lot of catching up to do. While there are many ways defenders...
7AI Score
PoC for CVE-2023-45288 This is a proof-of-concept code for...
7.3AI Score
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix crash in RX resync flow For the TLS RX resync flow, we maintain a list of TLS contexts that require some attention, to communicate their resync information to the HW. Here we fix list corruptions, by...
6.6AI Score
0.0004EPSS
Qualys Endpoint Detection & Response Validated by Top Independent Testing Labs
Qualys is proud to announce that our Endpoint Detection & Response solution has earned top certifications from two of the most respected independent anti-virus testing organizations - SE Labs and AV-Test. These prestigious validations underscore Qualys' mission to deliver best-in-class malware...
7.4AI Score
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix crash in RX resync flow For the TLS RX resync flow, we maintain a list of TLS contexts that require some attention, to communicate their resync information to the HW. Here we fix list corruptions, by...
6.4AI Score
0.0004EPSS