In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings.....
7.4AI Score
0.0004EPSS
CVE-2023-52627 iio: adc: ad7091r: Allow users to configure device events
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings.....
6.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings.....
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as...
7.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as...
7.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as...
7.7AI Score
0.0004EPSS
CVE-2021-47172 iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as...
7.2AI Score
0.0004EPSS
Fedora: Security Advisory for libreswan (FEDORA-2024-92f0c71a01)
The remote host is missing an update for...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as...
7AI Score
0.0004EPSS
Fedora: Security Advisory for libreswan (FEDORA-2024-1439ec2069)
The remote host is missing an update for...
6.7AI Score
0.0004EPSS
Fedora: Security Advisory for libreswan (FEDORA-2024-312a5ed3d5)
The remote host is missing an update for...
6.7AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: libreswan-4.14-1.fc40
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
7.2AI Score
0.0004EPSS
openSUSE 15 Security Update : jsch-agent-proxy (SUSE-SU-2024:0974-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:0974-1 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...
7.2AI Score
openSUSE 15 Security Update : jbcrypt, trilead-ssh2 (SUSE-SU-2024:0972-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:0972-1 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...
7.2AI Score
Implementing Zero Trust Controls for Compliance
The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network...
7.1AI Score
7.3AI Score
WooCommerce Clover Payment Gateway < 1.3.2 - Missing Authorization via callback_handler
Description The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callback_handler function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to mark...
6.4AI Score
0.0004EPSS
SQL Injection vulnerability in Netcome NS-ASG Application Security Gateway v.6.3.1 allows a local attacker to execute arbitrary code and obtain sensitive information via a crafted script to the loginid parameter of the /singlelogin.php...
8.5AI Score
0.0004EPSS
Missing Authorization vulnerability in Peach Payments Peach Payments Gateway.This issue affects Peach Payments Gateway: from n/a through...
6.6AI Score
0.0004EPSS
New details on TinyTurla’s post-compromise activity reveal full kill chain
Cisco Talos is providing an update on its two recent reports on a new and ongoing campaign where Turla, a Russian espionage group, deployed their TinyTurla-NG (TTNG) implant. We now have new information on the entire kill chain this actor uses, including the tactics, techniques and procedures...
7.6AI Score
Why Browser Security Matters More Than You Think
By Uzair Amir Your web browser serves as the gateway to the internet, but it also acts as a potential entry point for cybercriminals to access your computer and smartphone. This is a post from HackRead.com Read the original post: Why Browser Security Matters More Than You...
7.3AI Score
The Kerlink firewall in ChirpStack chirpstack-mqtt-forwarder before 4.2.1 and chirpstack-gateway-bridge before 4.0.11 wrongly accepts certain TCP packets when a connection is not in the ESTABLISHED...
7.4AI Score
0.0004EPSS
The Kerlink firewall in ChirpStack chirpstack-mqtt-forwarder before 4.2.1 and chirpstack-gateway-bridge before 4.0.11 wrongly accepts certain TCP packets when a connection is not in the ESTABLISHED...
6.9AI Score
0.0004EPSS
[SECURITY] Fedora 38 Update: libreswan-4.14-1.fc38
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
7.5AI Score
0.0004EPSS
[SECURITY] Fedora 39 Update: libreswan-4.14-1.fc39
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the...
7.5AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1475)
The remote host is missing an update for the Huawei...
6.7AI Score
0.962EPSS
EulerOS Virtualization 2.9.0 : libssh2 (EulerOS-SA-2024-1470)
According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
7.4AI Score
EulerOS Virtualization 2.9.1 : openssh (EulerOS-SA-2024-1460)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
8AI Score
The Kerlink firewall in ChirpStack chirpstack-mqtt-forwarder before 4.2.1 and chirpstack-gateway-bridge before 4.0.11 wrongly accepts certain TCP packets when a connection is not in the ESTABLISHED...
6.5AI Score
0.0004EPSS
EulerOS Virtualization 2.9.1 : libssh2 (EulerOS-SA-2024-1455)
According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
7.8AI Score
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1469)
The remote host is missing an update for the Huawei...
6.6AI Score
0.962EPSS
EulerOS Virtualization 2.9.0 : libssh (EulerOS-SA-2024-1469)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
7.4AI Score
EulerOS Virtualization 2.9.1 : libssh (EulerOS-SA-2024-1454)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
7.4AI Score
SQL Injection vulnerability in Netcome NS-ASG Application Security Gateway v.6.3.1 allows a local attacker to execute arbitrary code and obtain sensitive information via a crafted script to the loginid parameter of the /singlelogin.php...
8.1AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1455)
The remote host is missing an update for the Huawei...
6.7AI Score
0.962EPSS
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1470)
The remote host is missing an update for the Huawei...
6.7AI Score
0.962EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1460)
The remote host is missing an update for the Huawei...
6.7AI Score
0.962EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1454)
The remote host is missing an update for the Huawei...
6.6AI Score
0.962EPSS
EulerOS Virtualization 2.9.0 : openssh (EulerOS-SA-2024-1475)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
8AI Score
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature is....
7AI Score
0.0004EPSS
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature is....
5.9CVSS
6.9AI Score
0.0004EPSS
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature is....
6.6AI Score
0.0004EPSS
CVE-2024-29018 External DNS requests from 'internal' networks could lead to data exfiltration
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature is....
6AI Score
0.0004EPSS
Moby's external DNS requests from 'internal' networks could lead to data exfiltration
Moby is an open source container framework originally developed by Docker Inc. as Docker. It is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. As a batteries-included container runtime, Moby comes with a built-in networking...
6.6AI Score
0.0004EPSS
Moby's external DNS requests from 'internal' networks could lead to data exfiltration
Moby is an open source container framework originally developed by Docker Inc. as Docker. It is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. As a batteries-included container runtime, Moby comes with a built-in networking...
7AI Score
0.0004EPSS
Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word
Cisco Talos disclosed several vulnerabilities in JustSystems' Ichitaro Word Processor last year. These vulnerabilities were complex and were discovered through extensive reverse engineering. CVE-2023-35126 and its peers (CVE-2023-34366, CVE-2023-38127, and CVE-2023-38128) were each assessed as...
7.8CVSS
6.9AI Score
0.004EPSS
A vulnerability has been found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /protocol/iscdevicestatus/deleteonlineuser.php. The manipulation of the argument messagecontent leads to sql...
6.3CVSS
7.7AI Score
0.0004EPSS
CVE-2024-2649 Netentsec NS-ASG Application Security Gateway deleteonlineuser.php sql injection
A vulnerability has been found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /protocol/iscdevicestatus/deleteonlineuser.php. The manipulation of the argument messagecontent leads to sql...
6.8AI Score
0.0004EPSS
A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3. This issue affects some unknown processing of the file /admin/singlelogin.php. The manipulation of the argument loginId leads to sql injection. The attack may be initiated...
7.3CVSS
7.7AI Score
0.0004EPSS