WP Chat App < 3.6.5 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admins to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. PoC 1. Navigate to...
5.2AI Score
EPSS
Zyxel NAS Multiple Vulnerabilities (Jun 2024) - Active Check
Multiple Zyxel NAS devices are prone to multiple ...
9.8CVSS
8.2AI Score
0.937EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : libvpx vulnerability (USN-6814-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6814-1 advisory. Xiantong Hou discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx...
8AI Score
0.0004EPSS
Summary The updates indicated below have been released to address CVE-2024-22326 (Deny unauthenticated-bind LDAP connection request). Vulnerability Details ** CVEID: CVE-2024-22326 DESCRIPTION: **IBM System Storage DS8000 could allow a remote user to create an LDAP connection with a valid...
5CVSS
5.6AI Score
0.0004EPSS
[slackware-security] Slackware 15.0 kernel
New kernel packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/linux-5.15.160/*: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel...
8CVSS
7.9AI Score
EPSS
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
Summary An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...
8.2CVSS
8.3AI Score
0.001EPSS
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
Summary An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...
8.2CVSS
8.3AI Score
0.001EPSS
Cache Flooding in TYPO3 Frontend
Links with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the...
7AI Score
Cache Flooding in TYPO3 Frontend
Links with a valid cHash argument lead to newly generated page cache entries. Because the cHash is not bound to a specific page, attackers could use valid cHash arguments for multiple pages, leading to additional useless page cache entries. Depending on the number of pages in the system and the...
7AI Score
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...
5.5CVSS
5.3AI Score
0.0004EPSS
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...
5.5CVSS
6.1AI Score
0.0004EPSS
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4...
9.8CVSS
6.3AI Score
0.001EPSS
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...
5.5CVSS
6.6AI Score
0.0004EPSS
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4...
9.8CVSS
6.8AI Score
0.001EPSS
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4...
9.8CVSS
9.5AI Score
0.001EPSS
CVE-2024-24789 Mishandling of corrupt central directory record in archive/zip
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...
6.2AI Score
0.0004EPSS
CVE-2024-24789 Mishandling of corrupt central directory record in archive/zip
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...
6.2AI Score
0.0004EPSS
CVE-2024-24790 Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4...
6.4AI Score
0.001EPSS
Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes
Sensitive Information leak via Log File in Kubernetes in...
5.5CVSS
5.3AI Score
0.0005EPSS
Financial sextortion scams on the rise
“Hey there!” messaged Savannah, someone 16-year-old Charlie had never met before, but looked cute in her profile picture. She had long blonde hair, blue eyes, and an adorable smile, so he decided to DM with her on Instagram. Soon their flirty exchanges grew heated, and Savannah was sending Charlie....
6.8AI Score
X-Recon - A Utility For Detecting Webpage Inputs And Conducting XSS Scans
A utility for identifying web page inputs and conducting XSS scanning. Features: Subdomain Discovery: Retrieves relevant subdomains for the target website and consolidates them into a whitelist. These subdomains can be utilized during the scraping process. Site-wide Link Discovery: Collects...
6.3AI Score
Unpacking 2024's SaaS Threat Predictions
Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunately, SaaS Security....
7.5AI Score
Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models
Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status. Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to execute operating....
9.8CVSS
10AI Score
0.937EPSS
statamic/cms is vulnerable to Cleartext Password Storage. This vulnerability is due to the insecure handling of password confirmation data, which affects users registered via the user:register_form tag and using file-based user accounts. The vulnerability allows an attacker, who gains access to...
1.8CVSS
3.8AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: qt5-qtwebsockets-5.15.14-1.fc40
The QtWebSockets module implements the WebSocket protocol as specified in R FC 6455. It solely depends on Qt (no external...
6.5AI Score
0.0004EPSS
6.5AI Score
0.0004EPSS
Exploit for Authentication Bypass by Spoofing in Telerik Report Server 2024
CVE-2024-4358_Mass_Exploit Modified tools from @sinsinology...
9.8CVSS
9.7AI Score
0.938EPSS
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : BlueZ vulnerabilities (USN-6809-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6809-1 advisory. It was discovered that BlueZ could be made to dereference invalid memory. An attacker could possibly use this...
5.7CVSS
10AI Score
0.001EPSS
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : Atril vulnerability (USN-6808-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6808-1 advisory. It was discovered that Atril was vulnerable to a path traversal attack. An attacker could possibly use this...
8.5CVSS
7AI Score
0.005EPSS
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340) kernel:...
7.8CVSS
6.3AI Score
0.001EPSS
RHEL 8 : kernel-rt (RHSA-2024:3627)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3627 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
7.8CVSS
8.5AI Score
0.001EPSS
Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) kernel: Information disclosure in...
7.8CVSS
7AI Score
0.001EPSS
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...
5.5CVSS
6.5AI Score
0.0004EPSS
RHEL 9 : kernel (RHSA-2024:3619)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3619 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipv6: sr: fix possible...
7.9AI Score
0.0004EPSS
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4...
9.8CVSS
6.7AI Score
0.001EPSS
AlmaLinux 8 : kernel-rt (ALSA-2024:3627)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3627 advisory. * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * kernel: Information disclosure in...
7.8CVSS
8.5AI Score
0.001EPSS
AlmaLinux 8 : kernel update (Medium) (ALSA-2024:3618)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3618 advisory. * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * kernel: Information disclosure in...
7.8CVSS
8.7AI Score
0.001EPSS
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340) kernel:...
7.8CVSS
6.9AI Score
0.001EPSS
Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) kernel: Information disclosure in...
7.8CVSS
6.6AI Score
0.001EPSS
[4.18.0-553.5.1.el8_10.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict...
7.8CVSS
9AI Score
0.001EPSS
RHEL 8 : kernel update (Moderate) (RHSA-2024:3618)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3618 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Marvin vulnerability...
7.8CVSS
8.5AI Score
0.001EPSS
Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2024-157-01)
The version of kernel-generic installed on the remote host is prior to 5.15.160 / 5.15.160_smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-157-01 advisory. New kernel packages are available for Slackware 15.0 to fix security issues. Tenable has extracted...
8CVSS
9.8AI Score
EPSS
Ubuntu 20.04 LTS : FRR vulnerabilities (USN-6807-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6807-1 advisory. It was discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash,...
9.8CVSS
8.1AI Score
0.029EPSS
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6806-1 advisory. Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf library did not properly handle certain ...
7.8CVSS
7.7AI Score
0.001EPSS
Ubuntu 24.04 LTS : unixODBC vulnerability (USN-6715-2)
The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6715-2 advisory. USN-6715-1 fixed a vulnerability in unixODBC. This update provides the corresponding fix for Ubuntu 24.04 LTS. Original advisory details: It was discovered...
7.1CVSS
8AI Score
0.0004EPSS
Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4...
9.8CVSS
6.8AI Score
0.001EPSS
Mishandling of corrupt central directory record in archive/zip
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...
5.5CVSS
6.6AI Score
0.0004EPSS
Summary In addition to OS level package updates, multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF033 and 23.0.2-IF005. Vulnerability Details ** CVEID: CVE-2024-21501 DESCRIPTION: **Node.js sanitize-html module could allow a remote attacker to...
8.8CVSS
9.7AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...
6.7AI Score
0.0004EPSS
azure-file-csi-driver leaks service account tokens in the logs in sigs.k8s.io/azurefile-csi-driver
azure-file-csi-driver leaks service account tokens in the logs in...
6.5CVSS
6.4AI Score
0.0004EPSS