Rockwell Automation Arena Simulation Software Use-After-Free Vulnerability
Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A use-after-free vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to insert...
CVSS 7.8, AI Score 6.9, EPSS 0.0004
(RHSA-2024:1514) Important: libreoffice security fix update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
AI Score 8.9, EPSS 0.001
(RHSA-2024:1513) Important: libreoffice security fix update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
AI Score 8.9, EPSS 0.001
(RHSA-2024:1512) Important: libreoffice security fix update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
AI Score 8.9, EPSS 0.001
Important: libreoffice security fix update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
CVSS 8.8, AI Score 6.9, EPSS 0.001
K000139043 : Apache Struts vulnerabilities CVE-2016-4430, CVE-2016-4431, and CVE-2016-4433
Security Advisory Description CVE-2016-4430 Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. CVE-2016-4431 Apache Struts 2 2.3.20 through 2.3.28.1 allows remote...
CVSS 8.8, AI Score 7.4, EPSS 0.009
Important: libreoffice security fix update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
CVSS 8.8, AI Score 7.5, EPSS 0.001
RHEL 8 : libreoffice (RHSA-2024:1514)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1514 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
CVSS 8.8, AI Score 9.1, EPSS 0.001
DzzOffice Cross-Site Scripting Vulnerability (CNVD-2024-15545)
DzzOffice is a platform that provides online collaborative office suite functionality from the American company Big Desk (DzzOffice). The platform can be used to provide online documents, forms, webstores, presentations and other features. A cross-site scripting vulnerability exists in dzzoffice...
AI Score 6.3, EPSS 0.0004
RHEL 8 : libreoffice (RHSA-2024:1513)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1513 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
CVSS 8.8, AI Score 9.2, EPSS 0.001
RHEL 8 : libreoffice (RHSA-2024:1512)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1512 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
CVSS 8.8, AI Score 9.1, EPSS 0.001
Security Advisory Description CVE-2011-1176 The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which...
AI Score 8.6, EPSS 0.018
(RHSA-2024:1480) Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
AI Score 7.1, EPSS 0.001
Summary A Security Vulnerability in IBM GSKit that ships with IBM Security Directory Server Container Products has been addressed in an update. Vulnerability Details CVEID: CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a...
CVSS 7.5, AI Score 9.1, EPSS 0.001
K000139026 : NTP vulnerability CVE-2009-3563
Security Advisory Description ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE.....
AI Score 6.9, EPSS 0.965
Fedora: Security Advisory for libreoffice (FEDORA-2024-5f94556a31)
The remote host is missing an update for...
AI Score 7.5
RHEL 8 : libreoffice (RHSA-2024:1480)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1480 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
CVSS 8.8, AI Score 9.2, EPSS 0.001
[SECURITY] Fedora 40 Update: libreoffice-24.2.1.2-5.fc40
LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. ...
AI Score 7.2
K000138990 : BIND vulnerability CVE-2023-4408
Security Advisory Description The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this....
CVSS 7.5, AI Score 7.2, EPSS 0.001
K000138989 : BIND vulnerability CVE-2023-5517
Security Advisory Description A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response....
CVSS 7.5, AI Score 7.3, EPSS 0.001
K000138991 : BIND vulnerability CVE-2023-6516
Security Advisory Description To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is...
CVSS 7.5, AI Score 7, EPSS 0.001
(RHSA-2024:1473) Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
AI Score 7.3, EPSS 0.001
Summary Vulnerability in IBM® SDK, Java™ Technology affects Cloud Pak System. Vulnerability Details CVEID: CVE-2022-3676 DESCRIPTION: Eclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by improper runtime type check by the interface calls. By sending a...
CVSS 6.5, AI Score 6.4, EPSS 0.001
A SQL injection has been found in the SCAN_VISIO eDocument Suite Web Viewer of Abast. This vulnerability allows an unauthenticated user to retrieve, update and delete all the information in the database. This vulnerability was found on the login page via "user"...
CVSS 9.8, AI Score 7.8, EPSS 0.0004
A SQL injection has been found in the SCAN_VISIO eDocument Suite Web Viewer of Abast. This vulnerability allows an unauthenticated user to retrieve, update and delete all the information in the database. This vulnerability was found on the login page via "user"...
CVSS 9.8, AI Score 9.9, EPSS 0.0004
CVE-2024-29732 SQL Injection vulnerability on SCAN_VISIO eDocument Suite Web Viewer from Abast
A SQL injection has been found in the SCAN_VISIO eDocument Suite Web Viewer of Abast. This vulnerability allows an unauthenticated user to retrieve, update and delete all the information in the database. This vulnerability was found on the login page via "user"...
CVSS 9.8, AI Score 10, EPSS 0.0004
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14978)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of Firefox (the web browser). Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products that.....
AI Score 7.6, EPSS 0.0004
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a8448963-e6f5-11ee-a784-dca632daf43b advisory. Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer...
CVSS 8.8, AI Score 7.5, EPSS 0.0004
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14979)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of Firefox (the web browser). Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products that....
AI Score 7.7, EPSS 0.0004
K000138977 : ncurses vulnerability CVE-2022-29458
Security Advisory Description ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. (CVE-2022-29458) Impact There is no impact; F5 products are not affected by this...
CVSS 7.1, AI Score 9.7, EPSS 0.001
K000138966 : Intel Xeon CPU vulnerability CVE-2023-23908
Security Advisory Description Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access. (CVE-2023-23908) Impact This vulnerability may allow a privileged user to enable information.....
CVSS 4.4, AI Score 6, EPSS 0.0004
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14977)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of Firefox (the web browser). Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products,...
AI Score 7.9, EPSS 0.0004
RHEL 8 : libreoffice (RHSA-2024:1473)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1473 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...
CVSS 8.8, AI Score 9.2, EPSS 0.001
Mozilla Firefox ESR and Thunderbird Denial of Service Vulnerabilities
Mozilla Firefox ESR is an extended support version of Firefox (the Web browser). Mozilla Thunderbird is a suite of e-mail client software separate from the Mozilla Application Suite. A denial of service vulnerability exists in Mozilla Firefox ESR and Thunderbird, which is caused by an ICU...
AI Score 6.3, EPSS 0.0004
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14974)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of Firefox (the web browser). Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products that....
AI Score 7.8, EPSS 0.0004
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14975)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of Firefox (the web browser). Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products and...
AI Score 7.7, EPSS 0.0004
Multiple Mozilla product security bypass vulnerabilities (CNVD-2024-14980)
Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of Firefox (the web browser). Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A security bypass vulnerability exists in several Mozilla products,...
AI Score 6.4, EPSS 0.0004
Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word
Cisco Talos disclosed several vulnerabilities in JustSystems' Ichitaro Word Processor last year. These vulnerabilities were complex and were discovered through extensive reverse engineering. CVE-2023-35126 and its peers (CVE-2023-34366, CVE-2023-38127, and CVE-2023-38128) were each assessed as...
CVSS 7.8, AI Score 6.9, EPSS 0.004
Summary IBM Maximo Application Suite uses urllib3-2.0.3-py3-none-any.whl which is vulnerable to CVE-2023-45803. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID: CVE-2023-45803 DESCRIPTION: urllib3 could allow a remote authenticated...
CVSS 4.2, AI Score 6.3, EPSS 0.0004
[SECURITY] [DLA 3767-1] imagemagick security update
Debian LTS Advisory DLA-3767-1 https://www.debian.org/lts/security/ Bastien Roucaries March 20, 2024 https://wiki.debian.org/LTS Package: imagemagick Version: 8:6.9.10.23+dfsg-2.1+deb10u7...
CVSS 7.1, AI Score 6.7, EPSS 0.001
K000138953 : Python vulnerability CVE-2023-41105
Security Advisory Description An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for....
CVSS 7.5, AI Score 6.5, EPSS 0.001
K000138957 : Libxml2 vulnerability CVE-2023-39615
Security Advisory Description Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is...
CVSS 6.5, AI Score 7.2, EPSS 0.0005
A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /nac/naccheck.php. The manipulation of the argument username leads to improper neutralization of data within xpath expressions. It is...
CVSS 4.3, AI Score 4.7, EPSS 0.0004
A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /nac/naccheck.php. The manipulation of the argument username leads to improper neutralization of data within xpath expressions. It is...
CVSS 4.3, AI Score 6.7, EPSS 0.0004