Lucene search

K

BIG-IP (AFM, ASM) Security Vulnerabilities

cvelist
cvelist

CVE-2023-51543 WordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 12:25 PM
1
vulnrichment
vulnrichment

CVE-2023-51543 WordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-06-04 12:25 PM
vulnrichment
vulnrichment

CVE-2023-51542 WordPress Branda plugin <= 3.4.14 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-06-04 12:23 PM
cvelist
cvelist

CVE-2023-51542 WordPress Branda plugin <= 3.4.14 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 12:23 PM
nvd
nvd

CVE-2023-49774

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through...

5.3CVSS

5.2AI Score

0.0004EPSS

2024-06-04 12:15 PM
cve
cve

CVE-2023-49774

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-06-04 12:15 PM
10
githubexploit
githubexploit

Exploit for Authentication Bypass by Spoofing in Telerik Report Server 2024

CVE-2024-4358 An Vulnerability detection and Mass...

9.8CVSS

9.7AI Score

0.938EPSS

2024-06-04 11:32 AM
166
cvelist
cvelist

CVE-2023-49774 WordPress WP Photo Album Plus plugin <= 8.5.02.005 - IP Bypass vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through...

5.3CVSS

5.2AI Score

0.0004EPSS

2024-06-04 11:23 AM
1
cve
cve

CVE-2023-49741

Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through...

3.7CVSS

7.2AI Score

0.0004EPSS

2024-06-04 11:15 AM
57
nvd
nvd

CVE-2023-48753

Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 11:15 AM
nvd
nvd

CVE-2023-49741

Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through...

3.7CVSS

4.3AI Score

0.0004EPSS

2024-06-04 11:15 AM
2
cve
cve

CVE-2023-48753

Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-06-04 11:15 AM
45
cve
cve

CVE-2023-48271

Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-06-04 11:15 AM
3
nvd
nvd

CVE-2023-48271

Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 11:15 AM
2
vulnrichment
vulnrichment

CVE-2023-49741 WordPress Coming soon and Maintenance mode plugin <= 3.7.3 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through...

3.7CVSS

7AI Score

0.0004EPSS

2024-06-04 11:05 AM
1
cvelist
cvelist

CVE-2023-49741 WordPress Coming soon and Maintenance mode plugin <= 3.7.3 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through...

3.7CVSS

4.3AI Score

0.0004EPSS

2024-06-04 11:05 AM
1
vulnrichment
vulnrichment

CVE-2023-48753 WordPress Restricted Site Access plugin <= 7.4.1 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-06-04 11:02 AM
cvelist
cvelist

CVE-2023-48753 WordPress Restricted Site Access plugin <= 7.4.1 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 11:02 AM
2
vulnrichment
vulnrichment

CVE-2023-48271 WordPress Maspik – Spam Blacklist plugin <= 0.10.3 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-06-04 10:19 AM
cvelist
cvelist

CVE-2023-48271 WordPress Maspik – Spam Blacklist plugin <= 0.10.3 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 10:19 AM
nvd
nvd

CVE-2023-47769

Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through...

3.7CVSS

4.3AI Score

0.0004EPSS

2024-06-04 10:15 AM
cve
cve

CVE-2023-47769

Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through...

3.7CVSS

7.2AI Score

0.0004EPSS

2024-06-04 10:15 AM
2
cvelist
cvelist

CVE-2023-47769 WordPress WP Maintenance plugin <= 6.1.3 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through...

3.7CVSS

4.3AI Score

0.0004EPSS

2024-06-04 10:06 AM
1
vulnrichment
vulnrichment

CVE-2023-47769 WordPress WP Maintenance plugin <= 6.1.3 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through...

3.7CVSS

7AI Score

0.0004EPSS

2024-06-04 10:06 AM
githubexploit
githubexploit

Exploit for Injection in Vm2 Project Vm2

CVE-2023-30547 vm2 is a sandbox that can run untrusted code...

10CVSS

6.8AI Score

0.002EPSS

2024-06-04 10:01 AM
140
osv
osv

BIT-hubble-2023-27594

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which.....

7.3CVSS

6.2AI Score

0.001EPSS

2024-06-04 09:45 AM
1
nvd
nvd

CVE-2023-41134

Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 08:15 AM
cve
cve

CVE-2023-41134

Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-06-04 08:15 AM
18
cvelist
cvelist

CVE-2023-41134 WordPress Antispam Bee plugin <= 2.11.3 - Country IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 07:23 AM
vulnrichment
vulnrichment

CVE-2023-41134 WordPress Antispam Bee plugin <= 2.11.3 - Country IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-06-04 07:23 AM
nvd
nvd

CVE-2023-37865

Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 07:15 AM
1
cve
cve

CVE-2023-37865

Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-06-04 07:15 AM
16
cvelist
cvelist

CVE-2023-37865 WordPress IP2Location Country Blocker plugin <= 2.29.1 - IP Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-06-04 07:11 AM
2
vulnrichment
vulnrichment

CVE-2023-37865 WordPress IP2Location Country Blocker plugin <= 2.29.1 - IP Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-06-04 07:11 AM
githubexploit

8.6CVSS

6.2AI Score

0.945EPSS

2024-06-04 04:29 AM
96
f5
f5

K000139897: Linux kernel vulnerability CVE-2023-42753

Security Advisory Description An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-&gt;nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer...

7.8CVSS

6.4AI Score

0.0004EPSS

2024-06-04 12:00 AM
5
githubexploit

8.6CVSS

6.2AI Score

0.945EPSS

2024-06-03 06:17 PM
65
redhatcve
redhatcve

CVE-2024-29415

A flaw was found in node-ip. The fix for CVE-2023-42282 in the ip package for Node.js was incomplete, and the issue may still be triggered using some IP addresses. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product...

9.8CVSS

5.8AI Score

EPSS

2024-06-03 01:32 PM
51
githubexploit

8.6CVSS

8.8AI Score

0.945EPSS

2024-06-03 01:30 PM
76
redhatcve
redhatcve

CVE-2024-36928

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...

6.5AI Score

0.0004EPSS

2024-06-03 12:33 PM
2
githubexploit

8.6CVSS

6.1AI Score

0.945EPSS

2024-06-03 12:18 PM
69
redhat
redhat

(RHSA-2024:3550) Important: HawtIO 4.0.0 for Red Hat build of Apache Camel 4 Release and security update.

HawtIO 4.0.0 for Red Hat build of Apache Camel 4 GA Release is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. spring-security: Broken Access Control in...

7.5AI Score

0.001EPSS

2024-06-03 11:50 AM
1
securelist
securelist

IT threat evolution Q1 2024

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Targeted attacks Operation Triangulation: the final mystery Last June, we published a series of reports on Operation Triangulation, a previously unknown iOS malware...

7.8CVSS

6AI Score

0.003EPSS

2024-06-03 10:00 AM
6
securelist
securelist

IT threat evolution in Q1 2024. Non-mobile statistics

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data. Quarterly.....

6.9AI Score

2024-06-03 10:00 AM
5
f5
f5

K000139877: Linux kernel vulnerabilities CVE-2021-47076 and CVE-2021-47080

Security Advisory Description CVE-2021-47076 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused the following kernel panic if someone sent an atomic...

5.6AI Score

0.0004EPSS

2024-06-03 12:00 AM
5
f5
f5

K000139880: Intel CPU/BIOS vulnerabilities CVE-2023-28402, CVE-2023-27504, and CVE-2023-28383

Security Advisory Description CVE-2023-28402 Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-27504 Improper conditions check in some Intel(R) BIOS Guard firmware may allow a...

7.2CVSS

6.5AI Score

0.0004EPSS

2024-06-03 12:00 AM
5
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1874-1)

The remote host is missing an update for...

7.5CVSS

7.6AI Score

0.005EPSS

2024-06-03 12:00 AM
3
nessus
nessus

RHEL 6 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nasm: use-after-free in paste_tokens in asm/preproc.c (CVE-2019-8343) In Netwide Assembler (NASM)...

7.8CVSS

8.3AI Score

0.005EPSS

2024-06-03 12:00 AM
1
nessus
nessus

RHEL 6 : php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...

9.8CVSS

6.5AI Score

0.969EPSS

2024-06-03 12:00 AM
nessus
nessus

RHEL 7 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nasm: use-after-free in paste_tokens in asm/preproc.c (CVE-2019-8343) In Netwide Assembler (NASM)...

7.1CVSS

9.1AI Score

0.02EPSS

2024-06-03 12:00 AM
Total number of security vulnerabilities72053