Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...
5.4CVSS
6.3AI Score
0.0004EPSS
Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...
5.4CVSS
5.2AI Score
0.0004EPSS
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML...
7.8CVSS
8.4AI Score
0.0004EPSS
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML...
7.8CVSS
8AI Score
0.0004EPSS
CVE-2024-4429 Cross Site Request Forgery vulnerability in iManager
Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...
5.4CVSS
5.2AI Score
0.0004EPSS
CVE-2024-4429 Cross Site Request Forgery vulnerability in iManager
Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...
5.4CVSS
6.4AI Score
0.0004EPSS
CVE-2024-3969 XML External Entity injection vulnerability in iManager
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML...
7.8CVSS
8AI Score
0.0004EPSS
Fedora: Security Advisory for libcoap (FEDORA-2024-450b75e4a0)
The remote host is missing an update for...
6.7AI Score
0.0004EPSS
Fedora: Security Advisory for libcoap (FEDORA-2024-75863445ff)
The remote host is missing an update for...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from...
6.6AI Score
0.0004EPSS
Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s)...
5.9CVSS
6.5AI Score
0.001EPSS
Summary IBM® SDK Java™ Technology Edition is shipped as a component of IBM Tivoli Netcool Impact. IBM Tivoli Netcool Impact has addressed the applicable issues, CVE-2023-22081, CVE-2023-22067, and CVE-2023-5676 Vulnerability Details ** CVEID: CVE-2023-22081 DESCRIPTION: **An unspecified...
5.9CVSS
5.6AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from...
7.1AI Score
0.0004EPSS
CVE-2021-47287 driver core: auxiliary bus: Fix memory leak when driver_register() fail
In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from...
6.5AI Score
0.0004EPSS
CVE-2021-47287 driver core: auxiliary bus: Fix memory leak when driver_register() fail
In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from...
6.9AI Score
0.0004EPSS
SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure
The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show. "The core of SolarMarker's operations is its layered infrastructure, which...
6.7AI Score
In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from...
6.6AI Score
0.0004EPSS
Introducing FIM 4.0 with File Access Monitoring (FAM) and Agentless FIM to ensure compliance with the new PCI 4.0 File Integrity Monitoring (FIM) solutions are essential for virtually any organization to help identify suspicious activities across critical system files and registries, diagnose...
7.3AI Score
Security Bulletin: IBM Integration Designer is vulnerable to a denial of service (CVE-2023-38264)
Summary Vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVE. Vulnerability Details ** CVEID: CVE-2023-38264 DESCRIPTION: **The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0...
5.9CVSS
6.1AI Score
0.0004EPSS
LDAP Authentication Improvements This week, in Metasploit v6.4.9, the team has added multiple improvements for LDAP related attacks. Two improvements relating to authentication is the new support for Signing and Channel Binding. Microsoft has been making changes to harden the communications to...
7.5AI Score
Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details ** CVEID: CVE-2023-22081 ...
5.9CVSS
7AI Score
0.001EPSS
Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking
The cryptojacking group known as Kinsing has demonstrated an ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to the exploit arsenal and expand its botnet. The findings come from cloud security firm Aqua, which...
7.4AI Score
New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs
A new report from XM Cyber has found – among other insights - a dramatic gap between where most organizations focus their security efforts, and where the most serious threats actually reside. The new report, Navigating the Paths of Risk: The State of Exposure Management in 2024, is based on...
7.8AI Score
An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable....
7.9AI Score
0.0004EPSS
An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable....
7.8AI Score
0.0004EPSS
CVE-2024-3640 Rockwell Automation FactoryTalk® Remote Access™ has Unquoted Executables
An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable....
7.8AI Score
0.0004EPSS
CVE-2024-3640 Rockwell Automation FactoryTalk® Remote Access™ has Unquoted Executables
An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable....
7.9AI Score
0.0004EPSS
How the Qualys Enterprise TruRisk™ Platform Supports CISA Vulnrichment
Introduction In today's interconnected digital landscape, cybersecurity threats pose significant risks to organizations across various sectors. Recognizing the need for a structured approach to identify, prioritize, and address vulnerabilities, the Cybersecurity and Infrastructure Security Agency.....
6.9AI Score
TotalCloud Container Security Best Practices
Qualys Container Security (CS), an integral part of TotalCloud 2.0, provides a comprehensive view of the security posture of containerized applications. Operationalizing a new technology tool in an enterprise often presents its own challenges. This blog seeks to help the operations team...
7.1AI Score
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1659-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1659-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi:...
7.8CVSS
7.7AI Score
0.0005EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1650-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1650-1 advisory. In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4...
7.8CVSS
8.1AI Score
0.0004EPSS
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory...
5.3CVSS
6.5AI Score
0.0004EPSS
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory...
5.3CVSS
5.2AI Score
0.0004EPSS
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object...
7.6CVSS
8AI Score
0.0004EPSS
Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass...
3.5CVSS
6.8AI Score
0.0004EPSS
File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without...
5.6CVSS
5.5AI Score
0.0004EPSS
File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without...
5.6CVSS
6.8AI Score
0.0004EPSS
Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass...
3.5CVSS
4AI Score
0.0004EPSS
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload...
7.8CVSS
8AI Score
0.0004EPSS
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload...
7.8CVSS
8.2AI Score
0.0004EPSS
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object...
7.6CVSS
7.9AI Score
0.0004EPSS
Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file...
5.7CVSS
5.6AI Score
0.0004EPSS
Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file...
5.7CVSS
6.8AI Score
0.0004EPSS
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information...
5.3CVSS
6.4AI Score
0.0004EPSS
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code...
7.8CVSS
7.4AI Score
0.0004EPSS
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information...
5.3CVSS
5AI Score
0.0004EPSS
XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code...
7.8CVSS
7.7AI Score
0.0004EPSS
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger command injection and insecure deserialization...
7.8CVSS
8.1AI Score
0.0004EPSS