(RHSA-2021:0248) Important: Red Hat JBoss Enterprise Application Platform 7.3.5 security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes...
-0.3AI Score
0.002EPSS
(RHSA-2021:0247) Important: Red Hat JBoss Enterprise Application Platform 7.3.5 security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes...
-0.3AI Score
0.002EPSS
(RHSA-2021:0246) Important: Red Hat JBoss Enterprise Application Platform 7.3.5 security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.4, and includes bug fixes...
-0.3AI Score
0.002EPSS
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0246)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0246 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
6.8AI Score
0.002EPSS
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0248)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0248 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
6.7AI Score
0.002EPSS
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.5 (RHSA-2021:0247)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0247 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
6.7AI Score
0.002EPSS
Exploit for Incorrect Authorization in Kubernetes
Create Kubernetes cluster: `kind create cluster` ...
5CVSS
6.2AI Score
0.002EPSS
Critical WordPress-Plugin Bug Found in 'Orbit Fox' Allows Site Takeover
Two vulnerabilities (one critical) in a WordPress plugin called Orbit Fox could allow attackers to inject malicious code into vulnerable websites and/or take control of a website. Orbit Fox is a multi-featured WordPress plugin that works with the Elementor, Beaver Builder and Gutenberg...
0.2AI Score
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the...
4.3CVSS
4.6AI Score
0.002EPSS
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the...
4.3CVSS
4.2AI Score
0.002EPSS
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the...
4.3CVSS
6AI Score
0.002EPSS
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the...
4.3CVSS
5.2AI Score
0.002EPSS
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the...
4.3CVSS
7.1AI Score
0.002EPSS
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the...
4.3CVSS
4.5AI Score
0.002EPSS
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the...
4.3CVSS
5.3AI Score
0.002EPSS
CVE-2020-26247 XXE in Nokogiri
Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the...
2.6CVSS
5.8AI Score
0.002EPSS
Introduction & Context: This is a complex XSS that requires multiple steps in order to set up. It also requires you to have a good understanding of both New Relic Insights, New Relic Synthetics monitors, and the NerdGraph API explorer. Background Context: New Relic Synthetics and the history of...
-0.6AI Score
Reflected XSS on apidocs.ucs.ru via GET parameter...
4.3AI Score
Description of Visual Studio 2010 Service Pack 1
Describes information about Visual Studio 2010 Service Pack 1 (SP1). Additionally, this article lists the fixed issues and added technology enhancements in Visual Studio 2010 SP1. Notice: Some of the downloads that are mentioned in this article are currently available on My.VisualStudio.com. This...
-0.4AI Score
(RHSA-2020:5361) Important: Red Hat build of Thorntail 2.7.2 security and bug fix update
This release of Red Hat build of Thorntail 2.7.2 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Security Fix(es): picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299) ...
0.4AI Score
0.004EPSS
Stegseek - Worlds Fastest Steghide Cracker, Chewing Through Millions Of Passwords Per Second
Stegseek is a lightning fast steghide cracker that can be used to extract hidden data from files. It is built as a fork of the original steghide project and, as a result, it is thousands of times faster than other crackers and can run through the entirety of rockyou.txt* in under 2 seconds....
7.4AI Score
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.4 (RHSA-2020:5341)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5341 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
8.4AI Score
0.004EPSS
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.4 (RHSA-2020:5340)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5340 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
8.4AI Score
0.004EPSS
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.4 (RHSA-2020:5342)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5342 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
7.5CVSS
8.4AI Score
0.004EPSS
(RHSA-2020:5342) Important: Red Hat JBoss Enterprise Application Platform 7.3.4 security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes...
-0.2AI Score
0.004EPSS
(RHSA-2020:5341) Important: Red Hat JBoss Enterprise Application Platform 7.3.4 security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes...
-0.2AI Score
0.004EPSS
(RHSA-2020:5340) Important: Red Hat JBoss Enterprise Application Platform 7.3.4 security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes...
-0.2AI Score
0.004EPSS
Written by Brandon Azad, when working at Project Zero. This is a quick anecdotal post describing one of the more frustrating aspects of vulnerability research: realizing that you missed a bug that was staring you in the face only once you see the patched version! Some suspicious code: After writing...
-0.6AI Score
FAMA - Forensic Analysis For Mobile Apps
LabCIF - Forensic Analysis for Mobile Apps. Getting Started: Android extraction and analysis framework with an integrated Autopsy Module. Easily dump user data from a device and generate powerful reports for Autopsy or external applications. Functionalities: Extract user application data from...
6.9AI Score
Schneider Electric PLC Simulator for EcoStruxure Control Expert
EXECUTIVE SUMMARY: CVSS v3 7.5; ATTENTION: Exploitable remotely/low skill level to exploit; Vendor: Schneider Electric; Equipment: PLC Simulator for EcoStruxure Control Expert; Vulnerability: Improper Check for Unusual or Exceptional Conditions. 2. RISK EVALUATION: Successful exploitation of this...
7.5CVSS
7.7AI Score
0.001EPSS
GNOME security, bug fix, and enhancement update
dleyna-renderer [0.6.0-3] - Add a manual Resolves: #1612579 frei0r-plugins [1.6.1-7] - Rebuild with newer annobin to fix rpmdiff problems - Fix the build with a newer opencv - Resolves: rhbz#1703994 gdm [3.28.3-34] - Fix file descriptor leak Resolves: #1877853 [3.28.3-33] - Fix problem with Xorg...
9.8CVSS
-0.4AI Score
0.806EPSS
WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques
Microsoft is known for their backwards compatibility. When they rolled out the 64-bit variant of Windows years ago they needed to provide compatibility with existing 32-bit applications. In order to provide seamless execution regardless of application bitness, the WoW (Windows on Windows) system...
1AI Score
(RHSA-2020:4931) Moderate: Red Hat Single Sign-On 7.4.3 security update
Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 serves as a replacement for Red Hat Single Sign-On 7.4.2, and...
0.7AI Score
0.002EPSS
Exploit for Path Traversal in Iobroker Iobroker.Admin
ioBroker.admin...
9.8CVSS
-0.4AI Score
0.005EPSS
Fedora 33 : phpMyAdmin (2020-43d8624421)
Version 5.0.3 (2020-10-09) issue #15983 Require twig ^2.9 issue Fix option to import files locally appearing as not available issue #16048 Fix to allow NULL as a default bit value issue #16062 Fix 'htmlspecialchars() expects parameter 1 to be string, null given' on Export xml ...
9.8CVSS
8.4AI Score
0.008EPSS
Fedora 32 : phpMyAdmin (2020-4e78c86902)
Version 5.0.3 (2020-10-09) issue #15983 Require twig ^2.9 issue Fix option to import files locally appearing as not available issue #16048 Fix to allow NULL as a default bit value issue #16062 Fix 'htmlspecialchars() expects parameter 1 to be string, null given' on Export xml ...
9.8CVSS
8.4AI Score
0.008EPSS
Fedora 31 : phpMyAdmin (2020-eadda524a8)
Version 5.0.3 (2020-10-09) issue #15983 Require twig ^2.9 issue Fix option to import files locally appearing as not available issue #16048 Fix to allow NULL as a default bit value issue #16062 Fix 'htmlspecialchars() expects parameter 1 to be string, null given' on Export xml ...
9.8CVSS
8.4AI Score
0.008EPSS
xnio is vulnerable to denial of service. A file descriptor leak caused by growing amounts of NIO Selector file handles may lead to an application...
5.9CVSS
1.5AI Score
0.001EPSS
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4245 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
6.5CVSS
6.7AI Score
0.001EPSS
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4244 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...
6.5CVSS
6.7AI Score
0.001EPSS
(RHSA-2020:4247) Moderate: Red Hat JBoss Enterprise Application Platform 7.3.3 security update
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes...
0.7AI Score
0.001EPSS
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes...
0.6AI Score
0.001EPSS
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes...
0.6AI Score
0.001EPSS
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes...
0.6AI Score
0.001EPSS
XSS vulnerability when listing users on add & modify server pages.
Impact An XSS vulnerability exists in versions of Pterodactyl Panel before 0.7.19. Affected versions do not properly sanitize account names before rendering them to the dropdown selector in the admin area when creating or modifying a server. Patches This XSS has been addressed in 0.7.19 and will...
0.7AI Score