Lucene search

K

BIG-IP AFM & PEM Security Vulnerabilities

nvd
nvd

CVE-2024-27415

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast) frames on bridges......

7.7AI Score

0.0004EPSS

2024-05-17 12:15 PM
githubexploit
githubexploit

Exploit for OS Command Injection in Fortinet Fortisiem

CVE-2023-34992: Fortinet FortiSIEM Unauthenticated Command...

9.8CVSS

8AI Score

0.001EPSS

2024-05-17 12:07 PM
49
cvelist
cvelist

CVE-2024-27415 netfilter: bridge: confirm multicast packets before passing them up the stack

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast) frames on bridges......

6.5AI Score

0.0004EPSS

2024-05-17 11:51 AM
schneier
schneier

FBI Seizes BreachForums Website

The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data. If law enforcement has gained access to the hacking forum's backend data, as they claim, they would have email addresses, IP addresses, and private messages that could expose members and be...

6.9AI Score

2024-05-17 11:09 AM
7
cve
cve

CVE-2024-32827

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 10:15 AM
39
nvd
nvd

CVE-2024-32827

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-05-17 10:15 AM
nvd
nvd

CVE-2024-32786

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 10:15 AM
cve
cve

CVE-2024-32786

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 10:15 AM
36
nvd
nvd

CVE-2024-32708

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through...

3.7CVSS

4.3AI Score

0.0004EPSS

2024-05-17 10:15 AM
cve
cve

CVE-2024-32708

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through...

3.7CVSS

6.8AI Score

0.0004EPSS

2024-05-17 10:15 AM
37
cvelist
cvelist

CVE-2024-32827 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.7 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 09:39 AM
vulnrichment
vulnrichment

CVE-2024-32827 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.7 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-05-17 09:39 AM
cvelist
cvelist

CVE-2024-32786 WordPress Royal Elementor Addons and Templates plugin <= 1.3.93 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 09:38 AM
vulnrichment
vulnrichment

CVE-2024-32786 WordPress Royal Elementor Addons and Templates plugin <= 1.3.93 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through...

5.3CVSS

6.9AI Score

0.0004EPSS

2024-05-17 09:38 AM
vulnrichment
vulnrichment

CVE-2024-32708 WordPress Maintenance Mode plugin <= 3.0.1 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through...

3.7CVSS

7AI Score

0.0004EPSS

2024-05-17 09:37 AM
cvelist
cvelist

CVE-2024-32708 WordPress Maintenance Mode plugin <= 3.0.1 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through...

3.7CVSS

4.3AI Score

0.0004EPSS

2024-05-17 09:37 AM
cve
cve

CVE-2024-33917

Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
26
nvd
nvd

CVE-2024-33917

Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through...

5.3CVSS

5.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
cve
cve

CVE-2024-30522

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
30
nvd
nvd

CVE-2024-30522

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 09:15 AM
1
nvd
nvd

CVE-2024-30479

Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 09:15 AM
cve
cve

CVE-2024-30480

Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through...

3.7CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
36
nvd
nvd

CVE-2024-30480

Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through...

3.7CVSS

4.3AI Score

0.0004EPSS

2024-05-17 09:15 AM
cve
cve

CVE-2024-30479

Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
31
nvd
nvd

CVE-2024-25906

Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows Functionality Bypass.This issue affects Comments Like Dislike: from n/a through...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-05-17 09:15 AM
cve
cve

CVE-2024-25906

Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows Functionality Bypass.This issue affects Comments Like Dislike: from n/a through...

4.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
24
nvd
nvd

CVE-2024-25595

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 09:15 AM
cve
cve

CVE-2024-25595

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-05-17 09:15 AM
28
nvd
nvd

CVE-2024-21746

Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 09:15 AM
cve
cve

CVE-2024-21746

Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
31
cvelist
cvelist

CVE-2024-21746 WordPress Wp Ultimate Review plugin <= 2.3.2 - IP limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 08:46 AM
vulnrichment
vulnrichment

CVE-2024-21746 WordPress Wp Ultimate Review plugin <= 2.3.2 - IP limit Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-05-17 08:46 AM
cvelist
cvelist

CVE-2024-25595 WordPress Defender Security plugin <= 4.4.1 - IP Restriction Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 08:23 AM
cvelist
cvelist

CVE-2024-25906 WordPress Comments Like Dislike plugin <= 1.2.2 - IP Restriction Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows Functionality Bypass.This issue affects Comments Like Dislike: from n/a through...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-05-17 08:22 AM
cvelist
cvelist

CVE-2024-30479 WordPress LionScripts: IP Blocker Lite plugin <= 11.1.1 - Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 08:22 AM
vulnrichment
vulnrichment

CVE-2024-30479 WordPress LionScripts: IP Blocker Lite plugin <= 11.1.1 - Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-05-17 08:22 AM
vulnrichment
vulnrichment

CVE-2024-30480 WordPress CGC Maintenance Mode plugin <= 1.2 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through...

3.7CVSS

7AI Score

0.0004EPSS

2024-05-17 08:21 AM
cvelist
cvelist

CVE-2024-30480 WordPress CGC Maintenance Mode plugin <= 1.2 - IP Filtering Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through...

3.7CVSS

4.3AI Score

0.0004EPSS

2024-05-17 08:21 AM
cvelist
cvelist

CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-17 08:21 AM
vulnrichment
vulnrichment

CVE-2024-30522 WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter allows Functionality Bypass.This issue affects Newsletter: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-05-17 08:21 AM
cvelist
cvelist

CVE-2024-33917 WordPress WTI Like Post plugin <= 1.4.6 - IP Restriction Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through...

5.3CVSS

5.8AI Score

0.0004EPSS

2024-05-17 08:13 AM
vulnrichment
vulnrichment

CVE-2024-33917 WordPress WTI Like Post plugin <= 1.4.6 - IP Restriction Bypass Vulnerability vulnerability

Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-05-17 08:13 AM
1
ubuntucve
ubuntucve

CVE-2024-27415

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nf_confirm logic cannot handle cloned skbs referencing the same nf_conn entry, which will happen for multicast (broadcast) frames on bridges......

6.5AI Score

0.0004EPSS

2024-05-17 12:00 AM
5
f5
f5

K000139668: MySQL Server vulnerabilities CVE-2024-21000 and CVE-2024-21008

Security Advisory Description CVE-2024-21000 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with...

4.5AI Score

0.0004EPSS

2024-05-17 12:00 AM
9
f5
f5

K000139667: MySQL vulnerability CVE-2024-21056

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

4.7AI Score

0.0004EPSS

2024-05-17 12:00 AM
6
nessus
nessus

GitLab 13.4 < 13.5.6 / 13.6.0 < 13.6.4 / 13.7.0 < 13.7.2 (CVE-2021-22169)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: An issue was identified in GitLab EE 13.4 or later which leaked internal IP address via error messages. (CVE-2021-22169) Note that Nessus has not tested for this issue but has instead relied only...

4.3CVSS

7.1AI Score

0.001EPSS

2024-05-17 12:00 AM
1
nessus
nessus

F5 Networks BIG-IP : libxml2 vulnerability (K000139641)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139641 advisory. In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and...

6.5CVSS

6.6AI Score

0.001EPSS

2024-05-17 12:00 AM
3
f5
f5

K000139641: libxml2 vulnerability CVE-2023-28484

Security Advisory Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. (CVE-2023-28484) Impact This vulnerability allows a remote, authenticated...

6.3AI Score

0.001EPSS

2024-05-17 12:00 AM
11
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 184 vulnerabilities disclosed in 146...

10CVSS

9.5AI Score

EPSS

2024-05-16 01:04 PM
21
ics
ics

Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

7.5CVSS

8AI Score

0.0004EPSS

2024-05-16 12:00 PM
7
Total number of security vulnerabilities70354