Lucene search

K

DP300,RP200,RSE6500,TE30,TE40,TE50,TE60,TX50,VP9660,ViewPoint 8660,ViewPoint 9030,Viewpoint 8660, Security Vulnerabilities

redhatcve
redhatcve

CVE-2023-52700

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550 ... [ 13.398494] Call Trace: [ 13.398630] [ 13.398630] ?...

6.5AI Score

0.0004EPSS

2024-05-23 11:08 AM
1
debiancve
debiancve

CVE-2023-52700

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550 ... [ 13.398494] Call Trace: [ 13.398630] [ ...

7AI Score

0.0004EPSS

2024-05-21 04:15 PM
2
cve
cve

CVE-2023-52700

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550 ... [ 13.398494] Call Trace: [ 13.398630] [ ...

6.6AI Score

0.0004EPSS

2024-05-21 04:15 PM
24
nvd
nvd

CVE-2023-52700

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550 ... [ 13.398494] Call Trace: [ 13.398630] [ ...

6.4AI Score

0.0004EPSS

2024-05-21 04:15 PM
cvelist
cvelist

CVE-2023-52700 tipc: fix kernel warning when sending SYN message

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550 ... [ 13.398494] Call Trace: [ 13.398630] [ ...

6.4AI Score

0.0004EPSS

2024-05-21 03:22 PM
ubuntucve
ubuntucve

CVE-2023-52700

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550 ... [ 13.398494] Call Trace: [ 13.398630] [ 13.398630] ?...

6.5AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
githubexploit
githubexploit

Exploit for CVE-2024-32709

CVE-2024-32709-Poc WP-Recall – Registration, Profile,...

9.3CVSS

8.7AI Score

0.0004EPSS

2024-05-05 05:21 PM
113
nvd
nvd

CVE-2024-22435

A potential security vulnerability has been identified in Web ViewPoint Enterprise software. This vulnerability could be exploited to allow unauthorized users to access some resources on a NonStop...

8.3CVSS

8.1AI Score

0.0004EPSS

2024-04-15 09:15 AM
cve
cve

CVE-2024-22435

A potential security vulnerability has been identified in Web ViewPoint Enterprise software. This vulnerability could be exploited to allow unauthorized users to access some resources on a NonStop...

8.3CVSS

6.7AI Score

0.0004EPSS

2024-04-15 09:15 AM
29
cvelist
cvelist

CVE-2024-22435 HPE NonStop Web ViewPoint Enterprise software, Unauthorized access

A potential security vulnerability has been identified in Web ViewPoint Enterprise software. This vulnerability could be exploited to allow unauthorized users to access some resources on a NonStop...

8.3CVSS

8.3AI Score

0.0004EPSS

2024-04-15 09:06 AM
2
securelist
securelist

The State of Stalkerware in 2023–2024

The State of Stalkerware in 2023 (PDF) The annual Kaspersky State of Stalkerware report aims to contribute to awareness and a better understanding of how people around the world are impacted by digital stalking. Stalkerware is commercially available software that can be discreetly installed on...

6.8AI Score

2024-03-13 08:00 AM
10
osv
osv

BIT-envoy-2020-8660

CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain, possibly bypassing some.....

5.3CVSS

6.9AI Score

0.001EPSS

2024-03-06 10:59 AM
2
osv
osv

BIT-gitea-2020-14144

The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line....

7.2CVSS

6.2AI Score

0.973EPSS

2024-03-06 10:55 AM
10
openvas
openvas

openSUSE: Security Advisory for syncthing (openSUSE-SU-2023:0126-1)

The remote host is missing an update for...

5.4CVSS

5.5AI Score

0.001EPSS

2024-03-04 12:00 AM
4
wallarmlab
wallarmlab

avro vs protobuf

A Kickoff Discussion on Core Aspects of Avro & Protobuf When deliberating on the subject of data structure encoding, a tandem of tools frequently emerges in technical discussions: Avro and Protobuf. Originating from a vision of precise data compression, the distinguishable features and...

6.9AI Score

2024-02-08 11:19 AM
12
wallarmlab
wallarmlab

Directory Traversal: Examples, Testing, and Prevention

Unveiling the Enigma of Path Navigation: An Exhaustive Exploration and Insight Path Navigation, often referred to as Folder Navigation, symbolizes a kind of security extraction point allowing unauthorized individuals to gain unauthorized access to specific files held within a server's database...

7.8AI Score

2024-02-06 01:47 PM
9
wallarmlab
wallarmlab

Kafka vs RabbitMQ

An Intro to Kafka and RabbitMQ: The Masters of Messaging In the realm of messaging systems, two names stand out: Kafka and RabbitMQ. These two powerhouses have become the go-to solutions for developers and organizations looking to handle high-volume, real-time data processing and messaging. But...

7.2AI Score

2024-01-30 01:58 PM
7
osv
osv

Malicious code in pdf2htmlex3 (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (8653c58975b64b6ccc0d8444ccd52bf0340ee3bba1ff946b68db2acd14dc98ce) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2023-12-04 04:22 AM
1
wallarmlab
wallarmlab

VULNERABILITY MANAGEMENT

In any strategy aimed at combating cyber threats, the essential peace is the adequate regulation of possible frailties or susceptibility points. This concept embodies a broad spectrum of actions covering the spotting, categorizing, ranking, and rectification of possible risk areas within a digital....

7.8AI Score

2023-11-29 12:13 PM
12
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 13, 2023 to November 19, 2023)

Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 126 vulnerabilities disclosed in 102 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence...

9.8CVSS

9AI Score

EPSS

2023-11-23 08:29 PM
61
wpvulndb
wpvulndb

Very Simple Google Maps < 2.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Very Simple Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vsgmap' shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for....

5.4CVSS

5.9AI Score

0.001EPSS

2023-11-23 12:00 AM
5
wpvulndb
wpvulndb

Namaste! LMS < 2.6.1.2 - Reflected Cross-Site Scripting

Description The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'course_id' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS

6.5AI Score

0.001EPSS

2023-11-23 12:00 AM
6
wallarmlab
wallarmlab

What is Quality of Service?

Dominating an imperative role in boosting the so-called 'efficiency quotient' within a networking system is the Quality of Service or QoS. Let's dive in and explore the crucial components that make QoS pivotal. In essence, QoS is a blend of a multitude of methodologies and hi-tech devices,...

7.9AI Score

2023-11-20 11:44 AM
17
nvd
nvd

CVE-2023-4602

The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'course_id' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS

0.001EPSS

2023-11-15 01:15 PM
cve
cve

CVE-2023-4602

The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'course_id' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS

6.2AI Score

0.001EPSS

2023-11-15 01:15 PM
48
prion
prion

Cross site scripting

The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'course_id' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS

6.6AI Score

0.001EPSS

2023-11-15 01:15 PM
7
cvelist
cvelist

CVE-2023-4602

The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'course_id' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS

6.2AI Score

0.001EPSS

2023-11-15 12:44 PM
1
wallarmlab
wallarmlab

XDR vs. SIEM

Enhanced Discovery and Resolution, or more commonly known as XDR, serves as a revolutionary model in cybersecurity. It works by combining multiple security apparatuses into a solitary system, thus uplifting the ability for threat detections and subsequent responses. Unlike the standard...

7.4AI Score

2023-10-29 03:18 PM
18
wallarmlab
wallarmlab

What is XDR ?

Unpacking XDR: Broadened Acknowledgment and Response In the perpetually advancing domain of digital protection, new lingo and philosophies constantly emerge. Among the more recent additions is XDR, an acronym for Extended Detection and Response. This passage will provide a detailed insight into...

7.4AI Score

2023-10-17 03:58 PM
4
qualysblog
qualysblog

The Qualys Security Conference Mumbai: That’s a Wrap!

In recent years, the world of cybersecurity has experienced a dramatic transformation. The threat landscape has erupted, creating a host of complex challenges, with malicious actors continuously upping their game. In this high-stakes environment, the need for robust cloud security platforms...

7.3AI Score

2023-10-09 05:47 PM
13
thn
thn

Threat Report: High Tech Industry targeted the most with 46% of attack traffic tagged by NLX

How To Use This Report Enhance situational awareness of techniques used by threat actors Identify potential attacks targeting your industry Gain insights to help improve and accelerate your organization's threat response Summary of Findings The Network Effect Threat Report offers insights based...

8.5AI Score

2023-09-26 10:32 AM
36
prion
prion

Design/Logic Flaw

Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 09-66-17, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before...

7.5CVSS

7.5AI Score

0.0005EPSS

2023-08-29 02:15 AM
10
mskb
mskb

Description of the security update for SharePoint Enterprise Server 2016: April 11, 2023 (KB5002385)

Description of the security update for SharePoint Enterprise Server 2016: April 11, 2023 (KB5002385) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see ​​​​Microsoft Common Vulnerabilities and Exposures...

8.1AI Score

0.004EPSS

2023-04-11 07:00 AM
66
nuclei
nuclei

Gitea 1.1.0 - 1.12.5 - Remote Code Execution

Gitea 1.1.0 through 1.12.5 is susceptible to authenticated remote code execution, via the git hook functionality, in customer environments where the documentation is not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the...

7.2CVSS

7.1AI Score

0.973EPSS

2023-03-18 10:07 PM
53
cve
cve

CVE-2020-36652

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....

7.1CVSS

6.7AI Score

0.0004EPSS

2023-02-28 03:15 AM
24
nvd
nvd

CVE-2020-36652

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....

7.1CVSS

6.4AI Score

0.0004EPSS

2023-02-28 03:15 AM
prion
prion

Design/Logic Flaw

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....

7.1CVSS

6.7AI Score

0.0004EPSS

2023-02-28 03:15 AM
4
cvelist
cvelist

CVE-2020-36652 File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center

Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....

6.6CVSS

6.8AI Score

0.0004EPSS

2023-02-28 02:06 AM
avleonov
avleonov

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It's especially nice that all the code to support the new API was written and contributed.....

10CVSS

7.6AI Score

EPSS

2022-12-30 06:03 PM
224
cve
cve

CVE-2020-36605

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....

6.6CVSS

4.6AI Score

0.0004EPSS

2022-11-01 03:15 AM
31
11
cve
cve

CVE-2022-41552

Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe components) allows Server Side....

9.8CVSS

9.4AI Score

0.002EPSS

2022-11-01 03:15 AM
32
10
nvd
nvd

CVE-2020-36605

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....

4.4CVSS

0.0004EPSS

2022-11-01 03:15 AM
1
prion
prion

Design/Logic Flaw

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....

4.4CVSS

4.6AI Score

0.0004EPSS

2022-11-01 03:15 AM
9
cvelist
cvelist

CVE-2020-36605 File Permissions Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Viewpoint

Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....

6.6CVSS

6.3AI Score

0.0004EPSS

2022-11-01 02:07 AM
nuclei
nuclei

WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting

The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting...

6.1CVSS

6.1AI Score

0.002EPSS

2022-10-08 11:03 AM
5
cve
cve

CVE-2017-9030

The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded...

7.5CVSS

7.4AI Score

0.002EPSS

2022-10-03 04:23 PM
29
cvelist
cvelist

CVE-2017-9030

The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded...

7.5AI Score

0.002EPSS

2022-10-03 04:23 PM
1
cvelist
cvelist

CVE-2013-4629

The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...

6.4AI Score

0.002EPSS

2022-10-03 04:14 PM
cve
cve

CVE-2013-4629

The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...

6.5AI Score

0.002EPSS

2022-10-03 04:14 PM
23
thn
thn

Integrating Live Patching in SecDevOps Workflows

SecDevOps is, just like DevOps, a transformational change that organizations undergo at some point during their lifetime. Just like many other big changes, SecDevOps is commonly adopted after a reality check of some kind: a big damaging cybersecurity incident, for example. A major security breach.....

-0.3AI Score

2022-09-06 08:57 AM
14
Total number of security vulnerabilities1189