Lucene search

K

F-Secure Endpoint Protection Products On Windows, Mac And Linux Security Security Vulnerabilities

cbl_mariner
cbl_mariner

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

9.8CVSS

9.7AI Score

0.005EPSS

2024-06-16 03:19 PM
4
cbl_mariner
cbl_mariner

CVE-2022-41724 affecting package golang for versions less than 1.19.6-1

CVE-2022-41724 affecting package golang for versions less than 1.19.6-1. A patched version of the package is...

7.5CVSS

7.8AI Score

0.001EPSS

2024-06-16 03:19 PM
cbl_mariner
cbl_mariner

CVE-2023-39325 affecting package golang for versions less than 1.20.7-2

CVE-2023-39325 affecting package golang for versions less than 1.20.7-2. A patched version of the package is...

7.5CVSS

7.8AI Score

0.002EPSS

2024-06-16 03:19 PM
cbl_mariner
cbl_mariner

CVE-2023-24534 affecting package golang for versions less than 1.20.7-1

CVE-2023-24534 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

7.5CVSS

7.8AI Score

0.002EPSS

2024-06-16 03:19 PM
cbl_mariner
cbl_mariner

CVE-2023-39533 affecting package golang for versions less than 1.19.12-1

CVE-2023-39533 affecting package golang for versions less than 1.19.12-1. A patched version of the package is...

7.5CVSS

7.6AI Score

0.001EPSS

2024-06-16 03:19 PM
2
cbl_mariner
cbl_mariner

CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2

CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2. A patched version of the package is...

9.8CVSS

9.7AI Score

0.001EPSS

2024-06-16 03:19 PM
2
cbl_mariner
cbl_mariner

CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15

CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15. A patched version of the package is...

7.5CVSS

8.2AI Score

0.732EPSS

2024-06-16 03:19 PM
cve
cve

CVE-2024-38460

In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...

4.9CVSS

7AI Score

EPSS

2024-06-16 03:15 PM
cve
cve

CVE-2024-38457

Xenforo before 2.2.16 allows...

7AI Score

EPSS

2024-06-16 03:15 PM
nvd
nvd

CVE-2024-38460

In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...

4.9CVSS

EPSS

2024-06-16 03:15 PM
cve
cve

CVE-2024-38458

Xenforo before 2.2.16 allows code...

7.5AI Score

EPSS

2024-06-16 03:15 PM
nvd
nvd

CVE-2024-38457

Xenforo before 2.2.16 allows...

EPSS

2024-06-16 03:15 PM
nvd
nvd

CVE-2024-38458

Xenforo before 2.2.16 allows code...

EPSS

2024-06-16 03:15 PM
nvd
nvd

CVE-2024-38441

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in...

EPSS

2024-06-16 01:15 PM
2
cve
cve

CVE-2024-38439

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[PASSWDLEN] to '\0' in FPLoginExt in login in...

7.6AI Score

EPSS

2024-06-16 01:15 PM
3
nvd
nvd

CVE-2024-38440

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of incorrectly using FPLoginExt in BN_bin2bn in...

EPSS

2024-06-16 01:15 PM
2
cve
cve

CVE-2024-38441

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in...

7.6AI Score

EPSS

2024-06-16 01:15 PM
2
nvd
nvd

CVE-2024-38439

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[PASSWDLEN] to '\0' in FPLoginExt in login in...

EPSS

2024-06-16 01:15 PM
2
cve
cve

CVE-2024-38440

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of incorrectly using FPLoginExt in BN_bin2bn in...

7.7AI Score

EPSS

2024-06-16 01:15 PM
2
openbugbounty
openbugbounty

alt.hennweb.de Cross Site Scripting vulnerability OBB-3935503

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 12:52 PM
4
openbugbounty
openbugbounty

mangafoxfull.com Cross Site Scripting vulnerability OBB-3935501

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 12:15 PM
4
openbugbounty
openbugbounty

interculturemap.org Cross Site Scripting vulnerability OBB-3935498

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 11:10 AM
3
openbugbounty
openbugbounty

mastersflyingschool.com Cross Site Scripting vulnerability OBB-3935495

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 10:51 AM
4
openbugbounty
openbugbounty

sweetzies.co.uk Cross Site Scripting vulnerability OBB-3935494

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 10:28 AM
5
openbugbounty
openbugbounty

promomania.com.au Cross Site Scripting vulnerability OBB-3935490

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 10:07 AM
5
wired
wired

Let Slip the Robot Dogs of War

The United States and China appear locked in a race to weaponize four-legged robots for military...

7.3AI Score

2024-06-16 09:00 AM
openbugbounty
openbugbounty

ggminc.org Cross Site Scripting vulnerability OBB-3935489

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 08:25 AM
4
openbugbounty
openbugbounty

descubre.upao.edu.pe Cross Site Scripting vulnerability OBB-3935480

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 06:27 AM
3
openbugbounty
openbugbounty

urp.edu.pe Cross Site Scripting vulnerability OBB-3935477

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 06:07 AM
4
openbugbounty
openbugbounty

mangakakalot.com Cross Site Scripting vulnerability OBB-3935476

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 05:53 AM
3
openbugbounty
openbugbounty

mtech.am Cross Site Scripting vulnerability OBB-3935475

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 05:15 AM
4
githubexploit
githubexploit

Exploit for CVE-2024-26229

CVE-2024-26229 Windows CSC服务特权提升漏洞。 ...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-16 05:06 AM
11
thn
thn

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The...

7.3AI Score

2024-06-16 04:31 AM
3
debiancve
debiancve

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host...

6.9AI Score

0.0004EPSS

2024-06-16 03:15 AM
nvd
nvd

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host...

0.0004EPSS

2024-06-16 03:15 AM
4
cve
cve

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host...

6.8AI Score

0.0004EPSS

2024-06-16 03:15 AM
3
openbugbounty
openbugbounty

cleanscoop.net Cross Site Scripting vulnerability OBB-3935474

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-16 02:36 AM
2
mageia
mageia

Updated nano packages fix security vulnerability

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges....

4.7CVSS

7.6AI Score

0.0004EPSS

2024-06-16 02:07 AM
5
mageia
mageia

Updated atril packages fix security vulnerability

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user....

8.5CVSS

7.5AI Score

0.005EPSS

2024-06-16 02:07 AM
6
mageia
mageia

Updated nss & firefox packages fix security vulnerabilities

Use-after-free in networking. (CVE-2024-5702) Use-after-free in JavaScript object transplant. (CVE-2024-5688) External protocol handlers leaked by timing attack. (CVE-2024-5690) Sandboxed iframes were able to bypass sandbox restrictions to open a new window. (CVE-2024-5691) Cross-Origin Image leak....

7.9AI Score

0.0004EPSS

2024-06-16 02:07 AM
6
cve
cve

CVE-2024-38395

In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially...

7.9AI Score

0.0004EPSS

2024-06-16 01:15 AM
nvd
nvd

CVE-2024-38395

In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially...

0.0004EPSS

2024-06-16 01:15 AM
1
cve
cve

CVE-2024-38394

Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules...

6.8AI Score

0.0004EPSS

2024-06-16 12:15 AM
5
nvd
nvd

CVE-2024-38394

Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules...

0.0004EPSS

2024-06-16 12:15 AM
cvelist
cvelist

CVE-2024-38462

iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106...

EPSS

2024-06-16 12:00 AM
nessus
nessus

FreeBSD : go -- multiple vulnerabilities (a5c64f6f-2af3-11ef-a77e-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a5c64f6f-2af3-11ef-a77e-901b0e9408dc advisory. The Go project reports: archive/zip: mishandling of corrupt central directory record The...

7.5AI Score

2024-06-16 12:00 AM
cvelist
cvelist

CVE-2024-38440

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of incorrectly using FPLoginExt in BN_bin2bn in...

EPSS

2024-06-16 12:00 AM
cvelist
cvelist

CVE-2024-38458

Xenforo before 2.2.16 allows code...

EPSS

2024-06-16 12:00 AM
cvelist
cvelist

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host...

0.0004EPSS

2024-06-16 12:00 AM
cvelist
cvelist

CVE-2024-38395

In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus remote code execution might occur but "is not trivially...

0.0004EPSS

2024-06-16 12:00 AM
Total number of security vulnerabilities3261409