The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbot_chatgpt_upload_file_to_assistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to...
9.8CVSS
10AI Score
0.001EPSS
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbot_chatgpt_upload_file_to_assistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to...
9.8CVSS
7.9AI Score
0.001EPSS
RHEL 5 : librsvg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c (CVE-2017-11464) In xml.rs in GNOME...
7.1AI Score
0.004EPSS
RHEL 7 : perl-image-info (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. perl-Image-Info: XXE in SVG files (CVE-2016-9181) Note that Nessus has not tested for this issue but has instead...
7.3AI Score
0.001EPSS
RHEL 6 : cairo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. cairo: libreoffice slideshow aborts with stack smashing in cairo's composite_boxes (CVE-2020-35492) ...
7.5AI Score
0.006EPSS
RHEL 5 : cairo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. cairo: libreoffice slideshow aborts with stack smashing in cairo's composite_boxes (CVE-2020-35492) ...
7.4AI Score
0.006EPSS
RHEL 7 : gdk-pixbuf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gdk-pixbuf: Integer underflow in io-icns.c (CVE-2017-6313) The OneLine32 function in io-ico.c in...
7.6AI Score
0.01EPSS
RHEL 6 : icedtea-web (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. icedtea-web: unsigned code injection in a signed JAR file (CVE-2019-10181) icedtea-web: directory...
8.3AI Score
0.027EPSS
RHEL 5 : wget (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. wget: Lack of filename checking allows arbitrary file upload via FTP redirect (CVE-2016-4971) wget:...
7.5AI Score
0.955EPSS
RHEL 6 : python-lxml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) An...
7.6AI Score
0.013EPSS
RHEL 7 : python-lxml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) An...
6.8AI Score
0.013EPSS
RHEL 6 : batik (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. batik: XML external entity processing vulnerability (CVE-2017-5662) batik: information disclosure when...
8.2AI Score
0.007EPSS
RHEL 5 : mozilla (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Sandbox escape with improperly separated process types (CVE-2020-12389) Mozilla: Memory safety...
10AI Score
0.924EPSS
RHEL 6 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...
10AI Score
EPSS
RHEL 6 : libwebp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863) Rejected reason: This CVE ID has been...
8.1AI Score
0.609EPSS
RHEL 7 : exempi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. exempi: denial of service via opening of crafted webp file (CVE-2020-18652) Buffer Overflow...
7AI Score
0.001EPSS
RHEL 6 : librsvg2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. librsvg2: DoS parsing SVGs with circular definitions _rsvg_css_normalize_font_size() function ...
7.6AI Score
0.009EPSS
RHEL 7 : cairo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. cairo: libreoffice slideshow aborts with stack smashing in cairo's composite_boxes (CVE-2020-35492) ...
7.5AI Score
0.006EPSS
RHEL 7 : python-werkzeug (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-werkzeug: cookie prefixed with = can shadow unprefixed cookie (CVE-2023-23934) Werkzeug is a...
7.4AI Score
0.001EPSS
RHEL 7 : python-pillow (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-pillow: Buffer overflow in image convert function (CVE-2021-34552) Buffer overflow in the...
9AI Score
0.073EPSS
RHEL 7 : qt-qtsvg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. qt-qtsvg: Out of bounds read in function QRadialFetchSimd<QSimdSse2>::fetch when input craft svg file ...
7.3AI Score
0.0004EPSS
RHEL 5 : tomcat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938) Apache Tomcat 6.x before...
8.9AI Score
0.975EPSS
RHEL 6 : wget (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. wget: Lack of filename checking allows arbitrary file upload via FTP redirect (CVE-2016-4971) wget:...
7.8AI Score
0.955EPSS
RHEL 6 : qt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. qt: QPluginLoader loads plugins relative to CWD which could result in arbitrary code execution ...
7.3AI Score
0.004EPSS
RHEL 6 : librsvg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. librsvg: SIGFPE is raised in box_blur_line function of rsvg-filter.c (CVE-2017-11464) In xml.rs in GNOME...
6.5AI Score
0.004EPSS
RHEL 6 : netpbm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. netpbm: Out-of-bounds write in writeRasterPbm() function (CVE-2017-2581) An out-of-bounds read...
6.9AI Score
0.006EPSS
RHEL 7 : netpbm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. netpbm: heap-buffer-overflow in pm_mallocarray2 function in lib/util/mallocvar.c (CVE-2018-8975) A null...
6.2AI Score
0.006EPSS
RHEL 5 : netpbm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. netpbm: Out-of-bounds write in writeRasterPbm() function (CVE-2017-2581) A null pointer dereference...
6.2AI Score
0.001EPSS
RHEL 5 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...
10AI Score
0.969EPSS
RHEL 6 : mozilla (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) Mozilla:...
9.7AI Score
0.38EPSS
RHEL 7 : exiv2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. exiv2: Heap-based buffer overflow in basicio.cpp (CVE-2017-12955) exiv2: Heap-based buffer overflow in...
7.8AI Score
EPSS
RHEL 6 : imagemagick (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ImageMagick: use-after-free in MngInfoDiscardObject in coders/png.c (CVE-2019-19952) Heap-based buffer...
9.6AI Score
0.242EPSS
RHEL 6 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel: lack of port...
8.7AI Score
EPSS
RHEL 6 : exempi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. exempi: Use after free via a PDF file containing JPEG data (CVE-2017-18234) An issue was discovered in...
8.2AI Score
0.004EPSS
RHEL 7 : librsvg2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. librsvg2: DoS parsing SVGs with circular definitions _rsvg_css_normalize_font_size() function ...
6.6AI Score
0.009EPSS
RHEL 7 : batik (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. batik: XML external entity processing vulnerability (CVE-2017-5662) batik: information disclosure when...
8.2AI Score
0.007EPSS
RHEL 6 : exiv2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp (CVE-2018-12265) exiv2: Heap-based...
8.6AI Score
EPSS
RHEL 9 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges ...
7.8AI Score
0.013EPSS
Migration Backup Restore < 3.5.0 - Admin+ SSRF
Description The plugin does not prevent users with the administrator role from pinging conducting SSRF attacks, which may be a problem in multisite...
9.4AI Score
0.0004EPSS