Lucene search

K

BIG-IP (AFM, ASM) Security Vulnerabilities

nessus
nessus

Hirschmann HiOS Switches Argument Injection or Modification (CVE-2019-12258)

An attacker with the source and destination TCP-port and IP-addresses of a session can inject invalid TCP-segments into the flow, causing the TCP-session to be reset. An application will see this as an ECONNRESET error message when using the socket after such an attack. The most likely outcome...

7.5CVSS

6.9AI Score

0.078EPSS

2024-06-10 12:00 AM
nessus
nessus

Hirschmann HiOS Switches Argument Injection or Modification (CVE-2019-12264)

An attacker residing on the LAN may choose to hijack a DHCP-client session that requests an IPv4 address. The attacker can send a multicast IP-address in the DHCP offer/ack message, which the victim system then incorrectly assigns. This vulnerability can be combined with CVE-2019-12259 to create...

7.5CVSS

7.2AI Score

0.011EPSS

2024-06-10 12:00 AM
nessus
nessus

Hirschmann HiOS Switches Race Condition (CVE-2019-12263)

This vulnerability relies on a race-condition between the network task (tNet0) and the receiving application. It is very difficult to trigger the race on a system with a single CPU-thread enabled, and there is no way to reliably trigger a race on SMP targets. This plugin only works with...

8.1CVSS

6.9AI Score

0.018EPSS

2024-06-10 12:00 AM
nessus
nessus

Hirschmann Automation and Control HiOS and HiSecOS Products Buffer Copy Without Checking Size of Input (CVE-2020-6994)

A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. The...

9.8CVSS

7.8AI Score

0.002EPSS

2024-06-10 12:00 AM
nessus
nessus

Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12260)

This vulnerability could lead to a buffer overflow of up to a full TCP receive-window (by default, 10k-64k depending on version). The buffer overflow happens in the task calling recv()/recvfrom()/recvmsg(). Applications that pass a buffer equal to or larger than a full TCP-window are not...

9.8CVSS

8AI Score

0.289EPSS

2024-06-10 12:00 AM
nessus
nessus

Hirschmann HiOS Switches Heap-based Buffer Overflow (CVE-2019-12257)

DHCP packets may go past the local area network (LAN) via DHCP-relays, but are otherwise confined to the LAN. The DHCP-client may be used by VxWorks and in the bootrom. Bootrom, using DHCP/BOOTP, is only vulnerable during the boot-process. This vulnerability may be used to overwrite the heap,...

8.8CVSS

7.4AI Score

0.93EPSS

2024-06-10 12:00 AM
1
nessus
nessus

Hirschmann HiOS Switches Stack-based Buffer Overflow (CVE-2019-12256)

This vulnerability resides in the IPv4 option parsing and may be triggered by IPv4 packets containing invalid options. The most likely outcome of triggering this defect is that the tNet0 task crashes. This vulnerability can result in remote code execution. This plugin only works with Tenable.ot....

9.8CVSS

7.5AI Score

0.059EPSS

2024-06-10 12:00 AM
nessus
nessus

Hirschmann HiOS Switches Null Pointer Dereference (CVE-2019-12259)

This vulnerability requires that at least one IPv4 multicast address has been assigned to the target in an incorrect way (e.g., using the API intended for assigning unicast-addresses). An attacker may use CVE-2019-12264 to incorrectly assign a multicast IP-address. An attacker on the same LAN as...

7.5CVSS

7.5AI Score

0.011EPSS

2024-06-10 12:00 AM
nessus
nessus

RHEL 7 : bind, bind-dyndb-ldap, and dhcp (RHSA-2024:3741)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3741 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....

7.5CVSS

7.4AI Score

0.05EPSS

2024-06-10 12:00 AM
nessus
nessus

Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12261)

The impact of this vulnerability is a buffer overflow of up to a full TCP receive-window (by default, 10k-64k depending on version). The buffer overflow happens in the task calling recv()/recvfrom()/recvmsg(). Applications that pass a buffer equal to or larger than a full TCP-window are not...

9.8CVSS

8.4AI Score

0.065EPSS

2024-06-10 12:00 AM
nessus
nessus

Hirschmann HiOS Switches Argument Injection or Modification (CVE-2019-12265)

The IGMPv3 reception handler does not expect packets to be spread across multiple IP-fragments. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

5.3CVSS

7AI Score

0.009EPSS

2024-06-10 12:00 AM
nessus
nessus

Hirschmann HiOS Switches Integer Underflow (CVE-2019-12255)

An attacker can either hijack an existing TCP-session and inject bad TCP-segments or establish a new TCP-session on any TCP-port listened to by the target. This vulnerability could lead to a buffer overflow of up to a full TCP receive-window (by default, 10k-64k depending on version). The buffer...

9.8CVSS

8.1AI Score

0.937EPSS

2024-06-10 12:00 AM
1
nessus
nessus

Amazon Linux 2023 : bouncycastle, bouncycastle-javadoc, bouncycastle-mail (ALAS2023-2024-636)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-636 advisory. An issue was discovered in Bouncy Castle Java Cryptography APIs before ... NOTE: https://github.com/bcgit/bc-java/issues/1635NOTE: https://www.bouncycastle.org/latest_releases.htmlDEBIANBUG:...

7.6AI Score

EPSS

2024-06-10 12:00 AM
githubexploit
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment...

10CVSS

10AI Score

0.975EPSS

2024-06-09 02:49 AM
100
nvd
nvd

CVE-2024-36969

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...

0.0004EPSS

2024-06-08 01:15 PM
2
cve
cve

CVE-2024-36969

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...

6AI Score

0.0004EPSS

2024-06-08 01:15 PM
23
debiancve
debiancve

CVE-2024-36969

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...

6.1AI Score

0.0004EPSS

2024-06-08 01:15 PM
1
cvelist
cvelist

CVE-2024-36969 drm/amd/display: Fix division by zero in setup_dsc_config

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...

0.0004EPSS

2024-06-08 12:53 PM
2
vulnrichment
vulnrichment

CVE-2024-36969 drm/amd/display: Fix division by zero in setup_dsc_config

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a...

6.4AI Score

0.0004EPSS

2024-06-08 12:53 PM
kitploit
kitploit

Sttr - Cross-Platform, Cli App To Perform Various Operations On String

sttr is command line software that allows you to quickly run various transformation operations on the string. // With input prompt sttr // Direct input sttr md5 "Hello World" // File input sttr md5 file.text sttr base64-encode image.jpg // Reading from different processor like cat,...

7.4AI Score

2024-06-08 12:30 PM
8
githubexploit

8.6CVSS

8.6AI Score

0.945EPSS

2024-06-08 10:17 AM
83
osv
osv

ZendFramework Potential Proxy Injection Vulnerabilities

Zend\Session\Validator\RemoteAddr and Zend\View\Helper\ServerUrl were found to be improperly parsing HTTP headers for proxy information, which could potentially allow an attacker to spoof a proxied IP or host name. In Zend\Session\Validator\RemoteAddr, if the client is behind a proxy server, the...

7.1AI Score

2024-06-07 08:46 PM
1
github
github

ZendFramework Potential Proxy Injection Vulnerabilities

Zend\Session\Validator\RemoteAddr and Zend\View\Helper\ServerUrl were found to be improperly parsing HTTP headers for proxy information, which could potentially allow an attacker to spoof a proxied IP or host name. In Zend\Session\Validator\RemoteAddr, if the client is behind a proxy server, the...

7.1AI Score

2024-06-07 08:46 PM
2
osv
osv

Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress`

The Zend\Http\PhpEnvironment\RemoteAddress class provides features around detecting the internet protocol (IP) address for an incoming proxied request via the X-Forwarded-For header, taking into account a provided list of trusted proxy server IPs. Prior to 2.2.5, the class was not taking into...

7AI Score

2024-06-07 08:02 PM
github
github

Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress`

The Zend\Http\PhpEnvironment\RemoteAddress class provides features around detecting the internet protocol (IP) address for an incoming proxied request via the X-Forwarded-For header, taking into account a provided list of trusted proxy server IPs. Prior to 2.2.5, the class was not taking into...

7AI Score

2024-06-07 08:02 PM
1
kitploit
kitploit

PIP-INTEL - OSINT and Cyber Intelligence Tool

Pip-Intel is a powerful tool designed for OSINT (Open Source Intelligence) and cyber intelligence gathering activities. It consolidates various open-source tools into a single user-friendly interface simplifying the data collection and analysis processes for researchers and cybersecurity...

7AI Score

2024-06-07 12:30 PM
19
schneier
schneier

The Justice Department Took Down the 911 S5 Botnet

The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide....

7.4AI Score

2024-06-07 11:04 AM
3
openvas
openvas

Fedora: Security Advisory for rust-local_ipaddress (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for...

7.5AI Score

2024-06-07 12:00 AM
1
f5
f5

K000139953: PHP vulnerability CVE-2024-4577

Security Advisory Description In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API...

9.8CVSS

9.5AI Score

0.932EPSS

2024-06-07 12:00 AM
34
talosblog
talosblog

The sliding doors of misinformation that come with AI-generated search results

As someone who used to think that his entire livelihood would come from writing, I've long wondered if any sort of computer or AI could replace my essential functions at work. For now, it seems there are enough holes in AI-generated language that my ability to write down a complete, accurate and...

7.2AI Score

2024-06-06 06:00 PM
9
thn
thn

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

Muhstik botnet exploits a critical Apache RocketMQ flaw (CVE-2023-33246) for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining. Infection involves executing a shell script from a remote IP, downloading the Muhstik malware binary ("pty3"), and....

9.8CVSS

8.3AI Score

0.972EPSS

2024-06-06 01:14 PM
1
ics
ics

Emerson PACSystem and Fanuc

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.6 ATTENTION: Low attack complexity Vendor: Emerson Equipment: PACSystem, Fanuc Vulnerabilities: Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity Insufficiently Protected Credentials, Download of Code Without...

8.4AI Score

EPSS

2024-06-06 12:00 PM
4
packetstorm

7.4AI Score

2024-06-06 12:00 AM
75
f5
f5

K000139922: Open vSwitch vulnerabilities CVE-2023-3966 and CVE-2023-5366

Security Advisory Description CVE-2023-3966 A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is...

7.5CVSS

7.1AI Score

0.0004EPSS

2024-06-06 12:00 AM
7
cve
cve

CVE-2024-4084

A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs/anything-llm, allowing attackers to bypass the official fix intended to restrict access to intranet IP addresses and protocols. Despite efforts to filter out intranet IP addresses starting with 192,...

7.5CVSS

7.2AI Score

0.001EPSS

2024-06-05 12:15 AM
4
nvd
nvd

CVE-2024-4084

A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs/anything-llm, allowing attackers to bypass the official fix intended to restrict access to intranet IP addresses and protocols. Despite efforts to filter out intranet IP addresses starting with 192,...

7.5CVSS

7.6AI Score

0.001EPSS

2024-06-05 12:15 AM
cvelist
cvelist

CVE-2024-4084 SSRF vulnerability in mintplex-labs/anything-llm

A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs/anything-llm, allowing attackers to bypass the official fix intended to restrict access to intranet IP addresses and protocols. Despite efforts to filter out intranet IP addresses starting with 192,...

7.7CVSS

7.6AI Score

0.001EPSS

2024-06-05 12:00 AM
2
f5
f5

K000139898: PyYAML vulnerabilities CVE-2020-1747 and CVE-2020-14343

Security Advisory Description CVE-2020-1747 A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use...

9.8CVSS

7.5AI Score

0.006EPSS

2024-06-05 12:00 AM
9
f5
f5

K000139901: PyYAML vulnerability CVE-2017-18342

Security Advisory Description In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function. (CVE-2017-18342) Impact.....

9.8CVSS

9.6AI Score

0.014EPSS

2024-06-05 12:00 AM
7
f5
f5

K000139917: Libxml2 vulnerability CVE-2022-40303

Security Advisory Description An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading....

7.5CVSS

7.6AI Score

0.004EPSS

2024-06-05 12:00 AM
4
nessus
nessus

F5 Networks BIG-IP : PyYAML vulnerability (K000139901)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139901 advisory. In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load()...

9.8CVSS

8.1AI Score

0.014EPSS

2024-06-05 12:00 AM
openvas
openvas

openSUSE: Security Advisory for Java (SUSE-SU-2024:1874-1)

The remote host is missing an update for...

7.5CVSS

7.7AI Score

0.005EPSS

2024-06-05 12:00 AM
mssecure
mssecure

AI jailbreaks: What they are and how they can be mitigated

Generative AI systems are made up of multiple components that interact to provide a rich user experience between the human and the AI model(s). As part of a responsible AI approach, AI models are protected by layers of defense mechanisms to prevent the production of harmful content or being used...

7.4AI Score

2024-06-04 05:00 PM
3
cve
cve

CVE-2023-51543

Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-06-04 01:15 PM
15
nvd
nvd

CVE-2023-52176

Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 01:15 PM
1
cve
cve

CVE-2023-52176

Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-06-04 01:15 PM
22
nvd
nvd

CVE-2023-51543

Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 01:15 PM
nvd
nvd

CVE-2023-51542

Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 01:15 PM
cve
cve

CVE-2023-51542

Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-06-04 01:15 PM
7
cvelist
cvelist

CVE-2023-52176 WordPress Malware Scanner plugin <= 4.7.1 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 12:43 PM
Total number of security vulnerabilities72054