CVSS 9.8 | AI Score 9.5 | EPSS 0.001
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo...
CVSS 9.8 | AI Score 9.5 | EPSS 0.001
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping...
CVSS 9.8 | AI Score 9.5 | EPSS 0.001
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring...
CVSS 7.8 | AI Score 7.7 | EPSS 0.0004
CVSS 9.3 | AI Score 7.8 | EPSS 0.0004
Memory corruption in Audio while processing IIR config data from AFE calibration...
CVSS 7.8 | AI Score 7.8 | EPSS 0.0004
CVSS 7.8 | AI Score 7.7 | EPSS 0.0004
Memory corruption in Audio while processing the calibration data returned from ACDB...
CVSS 7.8 | AI Score 7.8 | EPSS 0.0004
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap...
CVSS 7.8 | AI Score 7.9 | EPSS 0.0004
Memory corruption in Core when updating rollback version for TA and OTA feature is...
CVSS 7.8 | AI Score 7.8 | EPSS 0.0004
CVSS 5.5 | AI Score 5.5 | EPSS 0.0004
CVSS 9.1 | AI Score 8.9 | EPSS 0.001
CVSS 7.5 | AI Score 7.5 | EPSS 0.0005
CVSS 7.1 | AI Score 5.5 | EPSS 0.0004
CVSS 7.5 | AI Score 7.5 | EPSS 0.0005
CVSS 7.1 | AI Score 6.8 | EPSS 0.0004
Memory corruption in Trusted Execution Environment while deinitializing an object used for license...
CVSS 7.8 | AI Score 7.2 | EPSS 0.0004
Intelbras Action RF 1200 routers 1.2.2 and earlier and Action RG 1200 routers 2.1.7 and earlier expose the Password in Cookie resulting in Login...
CVSS 8.1 | AI Score 8.1 | EPSS 0.001
Intelbras Action RF 1200 routers 1.2.2 and earlier and Action RG 1200 routers 2.1.7 and earlier expose the Password in Cookie resulting in Login...
CVSS 8.1 | AI Score 8 | EPSS 0.001
Intelbras Roteador Action RF 1200 1.2.2 exposes the Password in Cookie resulting in Login...
CVSS 8.1 | AI Score 7.2 | EPSS 0.001
Intelbras Action RF 1200 routers 1.2.2 and earlier and Action RG 1200 routers 2.1.7 and earlier expose the Password in Cookie resulting in Login...
AI Score 8.3 | EPSS 0.001
GLSA-202402-07 : Xen: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-07 (Xen: Multiple Vulnerabilities): grant table v2 status pages may remain accessible after de-allocation (take two). Guests get permitted access to certain Xen-owned pages of memory. The majority of such pages remain...
CVSS 8.8 | AI Score 7.8 | EPSS
Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVEs and we recommend updating to the latest version to...
CVSS 5.9 | AI Score 7 | EPSS 0.001
AI Score 7.4
AI Score 7.4
AI Score 7.4
AI Score 7.4
AI Score 7.4
CVSS 9.8 | AI Score 7.4 | EPSS 0.582
AI Score 7.4
How to Implement a Secure Incident Response Plan
Understanding the Basics of Secure Incident Response Plan: A proactive strategy for coping with digital dangers calls for a well-planned process that can neutralize and diminish the harmful aftermath of unauthorized intrusion attempts and neglect of security principles. The primary aim of this...
AI Score 8.3
MinIO Bootstrap Verify Information Disclosure
MinIO is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including MINIO_SECRET_KEY and MINIO_ROOT_PASSWORD, resulting in information disclosure. Verified.....
AI Score 6.9
An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function...
CVSS 9.8 | AI Score 7.1 | EPSS 0.001
Jenkins cli Ampersand Replacement Arbitrary File Read
This module utilizes the Jenkins cli protocol to run the help command. The cli is accessible with read-only permissions by default, which are all that's required. Jenkins cli utilizes args4j's parseArgument, which calls expandAtFiles to replace any @ with the contents of a file. We are then able to....
CVSS 9.8 | AI Score 7.1 | EPSS 0.961
Learn why Forrester recognized Wiz as the top ranked in the current offering category on the market out of the top 13 providers, and how their analysis connects with the Wiz...
AI Score 7.2
Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details: If you run your own Java code using the IBM Java Runtime...
CVSS 5.6 | AI Score 8 | EPSS 0.038
Summary: IBM Virtualization Engine TS7700 is susceptible to denial of service due to the use of IBM SDK Java Technology Edition, Version 8 (CVE-2023-22081, CVE-2023-5676). The Java SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent....
CVSS 5.9 | AI Score 5.9 | EPSS 0.001
Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 5 and 7 that is used by Content Manager Enterprise Edition. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption (POODLE) SSLv3 vulnerability (CVE-2014-3566). These...
CVSS 3.4 | AI Score 3.3 | EPSS 0.975
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.7 that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and include the vulnerability commonly referred to as “SLOTH”. ...
CVSS 5.9 | AI Score 6.2 | EPSS 0.003
Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5 and 7, that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring....
AI Score 4.5 | EPSS 0.698
Summary: There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM Content Management Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Information about the security vulnerability affecting IBM SDK Java...
AI Score 7.1
Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 & 8 used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in Oct 2017. Vulnerability Details: If you run your own Java code using the IBM Java Runtime...
CVSS 6.2 | AI Score 7 | EPSS 0.004
Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 & 8 used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in Jan 2017. Vulnerability Details: If you run your own Java code using the IBM Java Runtime...
CVSS 7.5 | AI Score 7.7 | EPSS 0.005
Summary: There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM Content Management Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in April 2017. Information about the security vulnerability affecting IBM SDK Java...
AI Score 7.1
Fortra GoAnywhere MFT Unauthenticated Remote Code Execution
This module exploits a vulnerability in Fortra GoAnywhere MFT that allows an unauthenticated attacker to create a new administrator account. This can be leveraged to upload a JSP payload and achieve RCE. GoAnywhere MFT versions 6.x from 6.0.1, and 7.x before 7.4.1 are...
CVSS 9.8 | AI Score 9.7 | EPSS 0.582
Introducing the Wallarm 2024 API ThreatStats™ Report
The Wallarm Security Research team is pleased to share the latest version of our API ThreatStats report. This report serves as a key resource for API and application security practitioners. It emphasizes the need for a proactive stance in API security, advocating for continuous monitoring, regular...
AI Score 8.3
Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of financial fraud; improve inventory management; and serve up the right recommendation for a streaming movie on.....
AI Score 6.8
Prevent BEC with AI-Powered Email and Collaboration
Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging...
AI Score 7.5
In our previous privacy predictions piece, we outlined trends for 2023. As expected, there was a notable increase in the adoption of digital IDs to replace paper documents. For example, California expanded a pilot program for digital driver's licenses, and Russia introduced laws enabling...
AI Score 7.6
Summary: IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details: CVEID: CVE-2023-22045 ...
CVSS 3.7 | AI Score 6 | EPSS 0.001