badmonkey, a security researcher, has found a flaw that allows for an unauthenticated DoS attack on the camera. When an attacker runs a crafted URL, nobody can access the web management page of the camera, and the device must be manually restarted or re-powered. The manufacturer has released patch firmware...
EPSS
badmonkey, a security researcher, has found a flaw that allows for an unauthenticated DoS attack on the camera. When an attacker runs a crafted URL, nobody can access the web management page of the camera, and the device must be manually restarted or re-powered. The manufacturer has released patch firmware...
6.9 AI Score
EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, terraform-provider-aws, cloudflared, ollama, kubeflow-katib, zarf, prometheus-postgres-exporter, docker-compose, protoc-gen-go-grpc, kubevela, nri-prometheus, falco, prometheus-elasticsearch-exporter, jaeger-agent,...
7.5 AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
7.8 AI Score
0.0004 EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: yam, s5cmd, addon-resizer, confluent-common-docker, nats, fuse-overlayfs-snapshotter, boring-registry, litestream, wait-for-port, mods, tailscale, local-path-provisioner, frp, velero-plugin-for-aws, aws-efs-csi-driver, crane, govulncheck, bom, trust-manager,...
6.8 AI Score
0.0004 EPSS
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: terraform-provider-aws, yam, s5cmd, addon-resizer, buildah, confluent-common-docker, nats, fuse-overlayfs-snapshotter, boring-registry, litestream, wait-for-port, mods, tailscale, gops, frp, local-path-provisioner, traefik, velero-plugin-for-aws, libnvidia-container,.....
5.5 CVSS
6.1 AI Score
0.0004 EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, terraform-provider-aws, cloudflared, ollama, kubeflow-katib, ko, prometheus-postgres-exporter, step, coredns, falco, dynamic-localpv-provisioner, grype, kyverno, nats, boring-registry, loki, vexctl, istio-pilot-agent, apko, dex, kubescape,....
5.9 CVSS
7.1 AI Score
0.963 EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, terraform-provider-aws, cloudflared, ollama, kubeflow-katib, zarf, prometheus-postgres-exporter, docker-compose, protoc-gen-go-grpc, kubevela, nri-prometheus, falco, prometheus-elasticsearch-exporter, jaeger-agent,...
6.7 AI Score
0.0004 EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
7.8 AI Score
0.0004 EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
7.5 AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: yam, s5cmd, addon-resizer, confluent-common-docker, nats, fuse-overlayfs-snapshotter, boring-registry, litestream, wait-for-port, mods, tailscale, local-path-provisioner, frp, velero-plugin-for-aws, aws-efs-csi-driver, crane, govulncheck, bom, trust-manager,...
7.5 AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: terraform-provider-aws, yam, s5cmd, addon-resizer, buildah, confluent-common-docker, nats, fuse-overlayfs-snapshotter, boring-registry, litestream, wait-for-port, mods, tailscale, gops, frp, local-path-provisioner, traefik, velero-plugin-for-aws, libnvidia-container,.....
9.8 CVSS
9.7 AI Score
0.001 EPSS
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
7.5 AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
7.5 AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
7.5 AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
7.8 AI Score
0.0004 EPSS
CVE-2024-29025 vulnerabilities
Vulnerabilities for packages: opensearch, neo4j, spark, selenium, wavefront-proxy, cloudwatch-exporter, keycloak,...
5.3 CVSS
5.9 AI Score
0.0004 EPSS
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: terraform-provider-aws, yam, s5cmd, addon-resizer, buildah, confluent-common-docker, nats, fuse-overlayfs-snapshotter, boring-registry, litestream, wait-for-port, mods, tailscale, gops, frp, local-path-provisioner, traefik, velero-plugin-for-aws, libnvidia-container,.....
7.5 AI Score
GHSA-45X7-PX36-X8W8 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, terraform-provider-aws, cloudflared, ollama, kubeflow-katib, ko, prometheus-postgres-exporter, step, coredns, falco, dynamic-localpv-provisioner, grype, kyverno, nats, boring-registry, loki, vexctl, istio-pilot-agent, apko, dex, kubescape,....
7.5 AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
7.8 AI Score
0.0004 EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
7.5 AI Score
GHSA-5JPM-X58V-624V vulnerabilities
Vulnerabilities for packages: opensearch, neo4j, spark, selenium, wavefront-proxy, cloudwatch-exporter, keycloak,...
7.5 AI Score
GHSA-236W-P7WF-5PH8 vulnerabilities
Vulnerabilities for packages: terraform-provider-aws, yam, s5cmd, addon-resizer, buildah, confluent-common-docker, nats, fuse-overlayfs-snapshotter, boring-registry, litestream, wait-for-port, mods, tailscale, gops, frp, local-path-provisioner, traefik, velero-plugin-for-aws, libnvidia-container,.....
7.5 AI Score
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: prometheus-mongodb-exporter, prometheus-operator, kubeflow-katib, prometheus-postgres-exporter, yam, s5cmd, protoc-gen-go-grpc, kubevela, nri-prometheus, nri-nagios, falco, prometheus-elasticsearch-exporter, newrelic-infrastructure-agent, aws-ebs-csi-driver,...
6 AI Score
0.0004 EPSS
CVE-2023-5038 Unauthenticated DoS
badmonkey, a security researcher, has found a flaw that allows for an unauthenticated DoS attack on the camera. When an attacker runs a crafted URL, nobody can access the web management page of the camera, and the device must be manually restarted or re-powered. The manufacturer has released patch firmware...
EPSS
SQL Injection vulnerability in the module "Help Desk - Customer Support Management System" (helpdesk) up to version 2.4.0 from FME Modules for PrestaShop allows attackers to obtain sensitive information and cause other impacts via...
7.2 AI Score
EPSS
SQL Injection vulnerability in the module "Help Desk - Customer Support Management System" (helpdesk) up to version 2.4.0 from FME Modules for PrestaShop allows attackers to obtain sensitive information and cause other impacts via...
EPSS
Cloud Software Group Security Advisory for CVE-2024-3661
Cloud Software Group has evaluated the impact of vulnerability CVE-2024-3661 on our products. This vulnerability may allow an attacker on the same local network as the victim to read, disrupt, or modify network traffic expected to be protected by the VPN. Please find below the impact status: ...
7.6 CVSS
6.7 AI Score
0.0005 EPSS
An issue in the background management system of Shanxi Internet Chuangxiang Technology Co., Ltd v1.0.1 allows a remote attacker to cause a denial of service via the index.html...
EPSS
An issue in the background management system of Shanxi Internet Chuangxiang Technology Co., Ltd v1.0.1 allows a remote attacker to cause a denial of service via the index.html...
7 AI Score
EPSS
An issue in the access management specialist V6.62.51215 from Shenzhen Weitillage Industrial Co., Ltd allows a remote attacker to obtain sensitive...
EPSS
An issue in the access management specialist V6.62.51215 from Shenzhen Weitillage Industrial Co., Ltd allows a remote attacker to obtain sensitive...
6.4 AI Score
EPSS
AIX is affected by a denial of service due to Python (CVE-2024-0450)
IBM SECURITY ADVISORY. First Issued: Mon Jun 24 15:07:51 CDT 2024. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/python_advisory10.asc Security Bulletin: AIX is affected by a denial of service due to Python (CVE-2024-0450)...
6.2 CVSS
6.8 AI Score
0.0005 EPSS
In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dpsub: Always register bridge. We must always register the DRM bridge, since zynqmp_dp_hpd_work_func calls drm_bridge_hpd_notify, which in turn expects hpd_mutex to be initialized. We do this before...
6.4 AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dpsub: Always register bridge. We must always register the DRM bridge, since zynqmp_dp_hpd_work_func calls drm_bridge_hpd_notify, which in turn expects hpd_mutex to be initialized. We do this before...
EPSS
CVE-2024-38664 drm: zynqmp_dpsub: Always register bridge
In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dpsub: Always register bridge. We must always register the DRM bridge, since zynqmp_dp_hpd_work_func calls drm_bridge_hpd_notify, which in turn expects hpd_mutex to be initialized. We do this before...
EPSS
CVE-2024-38664 drm: zynqmp_dpsub: Always register bridge
In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dpsub: Always register bridge. We must always register the DRM bridge, since zynqmp_dp_hpd_work_func calls drm_bridge_hpd_notify, which in turn expects hpd_mutex to be initialized. We do this before...
6.8 AI Score
EPSS
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation. This issue affects Salon booking system: from n/a through...
8.6 CVSS
8.6 AI Score
EPSS
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation. This issue affects Salon booking system: from n/a through...
8.6 CVSS
EPSS
Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation. This issue affects WishList Member X: from n/a through...
8.8 CVSS
8.8 AI Score
EPSS
Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation. This issue affects WishList Member X: from n/a through...
8.8 CVSS
EPSS
CVE-2024-37231 WordPress Salon booking system plugin <= 9.9 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation. This issue affects Salon booking system: from n/a through...
8.6 CVSS
EPSS
CVE-2024-37231 WordPress Salon booking system plugin <= 9.9 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation. This issue affects Salon booking system: from n/a through...
8.6 CVSS
6.8 AI Score
EPSS
Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation. This issue affects WishList Member X: from n/a through...
8.8 CVSS
EPSS
Insecure Direct Object Reference (IDOR)
jweiland/events2 is vulnerable to Insecure Direct Object Reference (IDOR). The vulnerability is due to missing access checks in the management plugin, which allows an attacker to activate or delete events without...
5.4 CVSS
6.6 AI Score
0.0004 EPSS
A vulnerability, which was classified as critical, was found in lahirudanushka School Management System 1.0.0/1.0.1. Affected is an unknown function of the file student.php of the component Student Page. The manipulation of the argument update leads to SQL injection. It is possible to launch the...
4.7 CVSS
5.3 AI Score
0.0004 EPSS
A vulnerability has been found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file subject.php of the component Subject Page. The manipulation of the argument update leads to SQL injection. The...
4.7 CVSS
0.0004 EPSS
A vulnerability has been found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file subject.php of the component Subject Page. The manipulation of the argument update leads to SQL injection. The...
4.7 CVSS
5.3 AI Score
0.0004 EPSS
A vulnerability, which was classified as critical, was found in lahirudanushka School Management System 1.0.0/1.0.1. Affected is an unknown function of the file student.php of the component Student Page. The manipulation of the argument update leads to SQL injection. It is possible to launch the...
4.7 CVSS
0.0004 EPSS
A vulnerability was found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file examresults-par.php of the component Exam Results Page. The manipulation of the argument sid leads to SQL injection. The...
6.3 CVSS
0.0004 EPSS