Lucene search

K

Event Calendar – Calendar (WordPress Plugin) Security Vulnerabilities

nessus
nessus

RHEL 8 : ghostscript (RHSA-2024:4000)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4000 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...

7.2AI Score

EPSS

2024-06-20 12:00 AM
1
nessus
nessus

AnythingLLM Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible AnythingLLM instance on the target application. AnythingLLM let you choose beetween differents LLM or vector database to use and allow to convert any document or content into references that the.....

7.2AI Score

2024-06-20 12:00 AM
1
nessus
nessus

RHEL 9 : thunderbird (RHSA-2024:4004)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4004 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : podman (SUSE-SU-2024:2090-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2090-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry...

8.3CVSS

8.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

RHEL 9 : thunderbird (RHSA-2024:4015)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4015 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

Flowise Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Flowise instance on the target application. Flowise is a builder for LLM...

7.2AI Score

2024-06-20 12:00 AM
1
nessus
nessus

NextChat Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible NextChat (formerly ChatGPT-Next-Web) instance on the target application. NextChat is a collection of tools to help developers build their own AI service around most popular...

7.2AI Score

2024-06-20 12:00 AM
1
nessus
nessus

RHEL 8 : thunderbird (RHSA-2024:4001)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4001 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

RHEL 8 : thunderbird (RHSA-2024:4018)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4018 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): *...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

AlmaLinux 9 : thunderbird (ALSA-2024:4002)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4002 advisory. * thunderbird: Use-after-free in networking (CVE-2024-5702) * thunderbird: Use-after-free in JavaScript object transplant (CVE-2024-5688) * thunderbird:...

7.7AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : opencc (SUSE-SU-2024:2102-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2102-1 advisory. - CVE-2018-16982: Check offset bounds in BinaryDict::NewFromFile method. (bsc#1108310) Tenable has...

5.5CVSS

7AI Score

0.001EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2024:2080-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2080-1 advisory. - CVE-2017-9271: Fixed proxy credentials written to log files (bsc#1050625). The following non-security bugs were fixed: - clean: Do not...

3.3CVSS

7.1AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : libarchive (SUSE-SU-2024:2082-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2082-1 advisory. - CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971). Tenable has extracted the preceding description block directly from...

7.3CVSS

7.2AI Score

0.003EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : kernel RT (Live Patch 13 for SLE 15 SP5) (SUSE-SU-2024:2101-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2101-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...

7.1AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

Oracle Linux 7 : thunderbird (ELSA-2024-4016)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4016 advisory. [115.12.1-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [115.12.1-1] - Update...

6.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

Oracle Linux 9 : thunderbird (ELSA-2024-4002)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4002 advisory. [115.12.1-1.0.1] - Add Oracle prefs [115.12.1] - Add OpenELA debranding [115.12.1-1] - Update to 115.12.1 build1 [115.12.0-2] - Update to 115.12.0...

6.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
1
nessus
nessus

AlmaLinux 9 : ghostscript (ALSA-2024:3999)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3999 advisory. * ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871) Tenable has extracted the preceding description block directly from...

7.3AI Score

EPSS

2024-06-20 12:00 AM
1
nessus
nessus

Yoast SEO Plugin for WordPress < 22.7 Cross-Site Scripting

The WordPress Yoast SEO Plugin installed on the remote host is affected by a stored Cross-Site Scripting (XSS) vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...

6.2AI Score

2024-06-20 12:00 AM
2
nessus
nessus

MLflow Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible MLflow instance on the target application. MLflow is platform to streamling machine learning development and simplify model...

7.2AI Score

2024-06-20 12:00 AM
1
nessus
nessus

SUSE SLES15 Security Update : kernel RT (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:2092-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2092-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_35 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...

7CVSS

7.3AI Score

EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdk-pixbuf (SUSE-SU-2024:2077-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2077-1 advisory. gdk-pixbuf was updated to version 2.42.12: - Security issues fixed: * CVE-2022-48622: Fixed heap...

7.8CVSS

8AI Score

0.001EPSS

2024-06-20 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : kernel RT (Live Patch 6 for SLE 15 SP5) (SUSE-SU-2024:2096-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:2096-1 advisory. This update for the Linux Kernel 5.14.21-150500_13_21 fixes one issue. The following security issue was fixed: - CVE-2024-26852: Fixed use-after-free...

6.9AI Score

0.0004EPSS

2024-06-20 12:00 AM
nessus
nessus

Arecont Vision AV1355DN MegaDome camera Denial of Service (CVE-2013-0139)

The Arecont Vision AV1355DN MegaDome camera allows remote attackers to cause a denial of service (video-capture outage) via a packet to UDP port 69. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

7.1AI Score

0.002EPSS

2024-06-20 12:00 AM
nessus
nessus

Yoast SEO Plugin for WordPress < 22.6 Cross-Site Scripting

The WordPress Yoast SEO Plugin installed on the remote host is affected by a reflected Cross-Site Scripting (XSS) vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...

6.4AI Score

2024-06-20 12:00 AM
3
nessus
nessus

RHEL 9 : ghostscript (RHSA-2024:4014)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4014 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...

7.2AI Score

EPSS

2024-06-20 12:00 AM
1
cve
cve

CVE-2024-36116

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-06-19 06:15 PM
22
osv
osv

CVE-2024-36116

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the...

7.5CVSS

7.2AI Score

0.0004EPSS

2024-06-19 06:15 PM
nvd
nvd

CVE-2024-36116

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the...

7.5CVSS

0.0004EPSS

2024-06-19 06:15 PM
5
githubexploit
githubexploit

Exploit for CVE-2023-47504

CVE-2023-47504 POC Exploit for CVE-2023-47504. According to...

7.5CVSS

7.1AI Score

0.0004EPSS

2024-06-19 06:07 PM
108
cvelist
cvelist

CVE-2024-36116 Path traversal in Reposilite javadoc file expansion

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the...

7.5CVSS

0.0004EPSS

2024-06-19 05:37 PM
8
cve
cve

CVE-2024-34444

Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a before...

7.1CVSS

7AI Score

0.0004EPSS

2024-06-19 03:15 PM
25
nvd
nvd

CVE-2024-34443

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution allows Stored XSS.This issue affects Slider Revolution: from n/a before...

5.9CVSS

0.0004EPSS

2024-06-19 03:15 PM
2
cve
cve

CVE-2024-34443

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution allows Stored XSS.This issue affects Slider Revolution: from n/a before...

5.9CVSS

5.8AI Score

0.0004EPSS

2024-06-19 03:15 PM
31
nvd
nvd

CVE-2024-34444

Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a before...

7.1CVSS

0.0004EPSS

2024-06-19 03:15 PM
6
nvd
nvd

CVE-2023-39312

Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through...

9.1CVSS

0.0004EPSS

2024-06-19 03:15 PM
1
cve
cve

CVE-2023-39312

Missing Authorization vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through...

9.1CVSS

9.3AI Score

0.0004EPSS

2024-06-19 03:15 PM
30
cve
cve

CVE-2023-38394

Missing Authorization vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from 3.0.0 through...

5.4CVSS

5.6AI Score

0.0004EPSS

2024-06-19 03:15 PM
20
nvd
nvd

CVE-2023-38394

Missing Authorization vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from 3.0.0 through...

5.4CVSS

0.0004EPSS

2024-06-19 03:15 PM
cve
cve

CVE-2023-36516

Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through...

7.6CVSS

7.5AI Score

0.0004EPSS

2024-06-19 03:15 PM
19
cve
cve

CVE-2023-38393

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through...

7.6CVSS

7.5AI Score

0.0004EPSS

2024-06-19 03:15 PM
40
nvd
nvd

CVE-2023-36516

Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through...

7.6CVSS

0.0004EPSS

2024-06-19 03:15 PM
nvd
nvd

CVE-2023-38393

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through...

7.6CVSS

0.0004EPSS

2024-06-19 03:15 PM
cve
cve

CVE-2023-25697

Cross-Site Request Forgery (CSRF) vulnerability in GamiPress.This issue affects GamiPress: from n/a through...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-06-19 03:15 PM
20
cve
cve

CVE-2022-45832

Missing Authorization vulnerability in Hennessey Digital Attorney.This issue affects Attorney: from n/a through...

6.5CVSS

6.6AI Score

0.0004EPSS

2024-06-19 03:15 PM
19
nvd
nvd

CVE-2022-45832

Missing Authorization vulnerability in Hennessey Digital Attorney.This issue affects Attorney: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-19 03:15 PM
nvd
nvd

CVE-2023-25697

Cross-Site Request Forgery (CSRF) vulnerability in GamiPress.This issue affects GamiPress: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-19 03:15 PM
nvd
nvd

CVE-2023-36515

Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through...

7.3CVSS

0.0004EPSS

2024-06-19 03:15 PM
cve
cve

CVE-2023-36515

Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through...

7.3CVSS

7.2AI Score

0.0004EPSS

2024-06-19 03:15 PM
21
cvelist
cvelist

CVE-2024-34444 WordPress Slider Revolution plugin < 6.7.0 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a before...

7.1CVSS

0.0004EPSS

2024-06-19 02:57 PM
4
vulnrichment
vulnrichment

CVE-2024-34443 WordPress Slider Revolution plugin < 6.7.11 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution allows Stored XSS.This issue affects Slider Revolution: from n/a before...

5.9CVSS

7AI Score

0.0004EPSS

2024-06-19 02:53 PM
2
Total number of security vulnerabilities271182