Lucene search

K

BIG-IP AFM & PEM Security Vulnerabilities

f5
f5

K000139794: Mozilla NSS vulnerability CVE-2023-5388

Security Advisory Description NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2023-5...

6.7AI Score

0.0004EPSS

2024-05-28 12:00 AM
4
talos
talos

AutomationDirect P3-550E Programming Software Connection FileSystem API out-of-bounds write vulnerabilities

Talos Vulnerability Report TALOS-2024-1938 AutomationDirect P3-550E Programming Software Connection FileSystem API out-of-bounds write vulnerabilities May 28, 2024 CVE Number CVE-2024-24956,CVE-2024-24957,CVE-2024-24959,CVE-2024-24958,CVE-2024-24955,CVE-2024-24954 SUMMARY Several out-of-bounds...

8.2CVSS

7.2AI Score

0.0005EPSS

2024-05-28 12:00 AM
3
talos
talos

AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1937 AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24947,CVE-2024-24946 SUMMARY A heap-based buffer overflow vulnerability exists in the Programming Software...

8.2CVSS

8AI Score

0.0005EPSS

2024-05-28 12:00 AM
3
debiancve
debiancve

CVE-2024-29415

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for...

9.8CVSS

7.1AI Score

EPSS

2024-05-27 08:15 PM
5
nvd
nvd

CVE-2024-29415

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for...

9.6AI Score

EPSS

2024-05-27 08:15 PM
1
osv
osv

CVE-2024-29415

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for...

9.8CVSS

6.9AI Score

EPSS

2024-05-27 08:15 PM
7
cve
cve

CVE-2024-29415

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for...

6.6AI Score

EPSS

2024-05-27 08:15 PM
58
cvelist
cvelist

CVE-2024-36105 dbt allows Binding to an Unrestricted IP Address via socketsocket

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Prior to versions 1.6.15, 1.7.15, and 1.8.1, Binding to INADDR_ANY (0.0.0.0) or IN6ADDR_ANY (::) exposes an application on all network interfaces, increasing.....

5.3CVSS

5.2AI Score

0.0004EPSS

2024-05-27 05:17 PM
1
securelist
securelist

Message board scams

Marketplace fraud is nothing new. Cybercriminals swindle money out of buyers and sellers alike. Lately, we've seen a proliferation of cybergangs operating under the Fraud-as-a-Service model and specializing in tricking users of online marketplaces, in particular, message boards. Criminals are...

6.4AI Score

2024-05-27 01:00 PM
9
redhatcve
redhatcve

CVE-2021-47572

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to...

5.5CVSS

6.2AI Score

0.0004EPSS

2024-05-27 11:31 AM
6
redhatcve
redhatcve

CVE-2021-47564

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] SMP Modules linked in:...

6.5AI Score

0.0004EPSS

2024-05-27 11:30 AM
4
redhatcve
redhatcve

CVE-2021-47546

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules (used by certain tools such as...

5.5CVSS

6.7AI Score

0.0004EPSS

2024-05-27 10:33 AM
5
redhatcve
redhatcve

CVE-2021-47558

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...

6.3AI Score

0.0004EPSS

2024-05-27 09:57 AM
2
redhatcve
redhatcve

CVE-2021-47555

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the real_dev refcnt Inject error before dev_hold(real_dev) in register_vlan_dev(), and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type...

6.7AI Score

0.0004EPSS

2024-05-27 09:57 AM
1
veracode
veracode

HTTP Header Spoofing

silverstripe/framework is vulnerable to HTTP header spoofing. The vulnerability is due to trusting all originating IPs to include HTTP headers for Hostname, IP, and Protocol, which results in reverse proxies forwarding requests while retaining the original request...

7AI Score

2024-05-27 05:17 AM
3
f5
f5

K000139793: MacOS vulnerability CVE-2023-41993

Security Advisory Description The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7....

7.1AI Score

0.003EPSS

2024-05-27 12:00 AM
7
openvas
openvas

Fedora: Security Advisory for suricata (FEDORA-2024-aa2fdd75f7)

The remote host is missing an update for...

7.5AI Score

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for rust-local_ipaddress (FEDORA-2024-ce2936b568)

The remote host is missing an update for...

7.5AI Score

2024-05-27 12:00 AM
ubuntucve
ubuntucve

CVE-2024-29415

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282....

9.8CVSS

6.5AI Score

EPSS

2024-05-27 12:00 AM
9
openvas
openvas

Fedora: Security Advisory for suricata (FEDORA-2024-9cce1f4b49)

The remote host is missing an update for...

7.5AI Score

2024-05-27 12:00 AM
githubexploit

8.8CVSS

7.3AI Score

0.008EPSS

2024-05-26 03:43 PM
139
kitploit
kitploit

Domainim - A Fast And Comprehensive Tool For Organizational Network Scanning

Domainim is a fast domain reconnaissance tool for organizational network scanning. The tool aims to provide a brief overview of an organization's structure using techniques like OSINT, bruteforcing, DNS resolving etc. Features Current features (v1.0.1)- - Subdomain enumeration (2 engines +...

7.8AI Score

2024-05-26 12:30 PM
15
fedora
fedora

[SECURITY] Fedora 40 Update: rust-local_ipaddress-0.1.3-8.fc40

Get your local IP address without...

7.1AI Score

2024-05-26 01:29 AM
1
kitploit
kitploit

JA4+ - Suite Of Network Fingerprinting Standards

JA4+ is a suite of network Fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session.....

7AI Score

2024-05-25 12:30 PM
10
f5
f5

K000139525: Libexpat vulnerability CVE-2022-43680

Security Advisory Description In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. (CVE-2022-43680) Impact System performance degradation can occur until the process is forced to restart.....

6.7AI Score

0.004EPSS

2024-05-25 12:00 AM
19
osv
osv

BIT-hubble-relay-2023-27594

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which.....

7.3CVSS

6.7AI Score

0.001EPSS

2024-05-24 07:23 PM
2
cve
cve

CVE-2024-35340

Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at...

7.9AI Score

EPSS

2024-05-24 03:15 PM
26
nvd
nvd

CVE-2024-35340

Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at...

7.6AI Score

EPSS

2024-05-24 03:15 PM
nvd
nvd

CVE-2024-35339

Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at...

7.6AI Score

EPSS

2024-05-24 03:15 PM
cve
cve

CVE-2024-35339

Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at...

7.9AI Score

EPSS

2024-05-24 03:15 PM
23
cve
cve

CVE-2021-47572

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to...

5.5CVSS

6.3AI Score

0.0004EPSS

2024-05-24 03:15 PM
25
nvd
nvd

CVE-2021-47572

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to...

5.5CVSS

6.1AI Score

0.0004EPSS

2024-05-24 03:15 PM
debiancve
debiancve

CVE-2021-47572

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to...

5.5CVSS

6.3AI Score

0.0004EPSS

2024-05-24 03:15 PM
8
cve
cve

CVE-2021-47564

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] SMP Modules linked...

6.7AI Score

0.0004EPSS

2024-05-24 03:15 PM
25
debiancve
debiancve

CVE-2021-47564

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] SMP Modules...

6.7AI Score

0.0004EPSS

2024-05-24 03:15 PM
2
nvd
nvd

CVE-2021-47564

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] SMP Modules linked...

6.5AI Score

0.0004EPSS

2024-05-24 03:15 PM
nvd
nvd

CVE-2021-47555

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the real_dev refcnt Inject error before dev_hold(real_dev) in register_vlan_dev(), and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type...

6.6AI Score

0.0004EPSS

2024-05-24 03:15 PM
debiancve
debiancve

CVE-2021-47558

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...

6.4AI Score

0.0004EPSS

2024-05-24 03:15 PM
1
cve
cve

CVE-2021-47555

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the real_dev refcnt Inject error before dev_hold(real_dev) in register_vlan_dev(), and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type...

6.8AI Score

0.0004EPSS

2024-05-24 03:15 PM
24
debiancve
debiancve

CVE-2021-47555

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the real_dev refcnt Inject error before dev_hold(real_dev) in register_vlan_dev(), and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type...

6.8AI Score

0.0004EPSS

2024-05-24 03:15 PM
2
nvd
nvd

CVE-2021-47558

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...

6.3AI Score

0.0004EPSS

2024-05-24 03:15 PM
cve
cve

CVE-2021-47558

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...

6.5AI Score

0.0004EPSS

2024-05-24 03:15 PM
24
cve
cve

CVE-2021-47546

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules (used by certain tools such as...

5.5CVSS

6.8AI Score

0.0004EPSS

2024-05-24 03:15 PM
25
nvd
nvd

CVE-2021-47546

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules (used by certain tools such as...

5.5CVSS

6.6AI Score

0.0004EPSS

2024-05-24 03:15 PM
debiancve
debiancve

CVE-2021-47546

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules (used by certain tools such as...

5.5CVSS

6.8AI Score

0.0004EPSS

2024-05-24 03:15 PM
3
cvelist
cvelist

CVE-2021-47572 net: nexthop: fix null pointer dereference when IPv6 is not enabled

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled (!CONFIG_IPV6) we'll hit a NULL pointer dereference[1] in the error path of nh_create_ipv6() due to...

6.1AI Score

0.0004EPSS

2024-05-24 03:12 PM
cvelist
cvelist

CVE-2021-47564 net: marvell: prestera: fix double free issue on err path

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] SMP Modules linked...

6.4AI Score

0.0004EPSS

2024-05-24 03:12 PM
vulnrichment
vulnrichment

CVE-2021-47564 net: marvell: prestera: fix double free issue on err path

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() that cases prestera driver to crash (see below). Trace: Internal error: Oops: 96000044 [#1] SMP Modules linked...

6.8AI Score

0.0004EPSS

2024-05-24 03:12 PM
vulnrichment
vulnrichment

CVE-2021-47558 net: stmmac: Disable Tx queues when reconfiguring the interface

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...

6.7AI Score

0.0004EPSS

2024-05-24 03:09 PM
cvelist
cvelist

CVE-2021-47558 net: stmmac: Disable Tx queues when reconfiguring the interface

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...

6.2AI Score

0.0004EPSS

2024-05-24 03:09 PM
Total number of security vulnerabilities70355