Microsoft Windows 10 21H2 Home SEoL
Microsoft Windows 10 21H2 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 2004 SEoL
Microsoft Windows 10 2004 is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[] is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per...
7.5 AI Score
0.0004 EPSS
Microsoft Windows 10 20H2 Business SEoL
Microsoft Windows 10 20H2 Business is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
In the Linux kernel, the following vulnerability has been resolved: inet: read sk->sk_family once in inet_recv_error() inet_recv_error() is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6_ADDRFORM socket option and trigger a KCSAN...
7.4 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() syzbot reported the following general protection fault [1]: general protection fault, probably for non-canonical address 0xdffffc0000000010: 0000 [#1] PREEMPT SMP....
7.4 AI Score
0.0004 EPSS
Microsoft Windows 10 1607 Pro SEoL
Microsoft Windows 10 1607 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTO_{IPV4,IPV6,INET}. - Disallow layer 4 protocol with no ports, since destination port is a mandatory attribute...
7.6 AI Score
0.0004 EPSS
Microsoft Windows 10 22H2 SEoL
Microsoft Windows 10 22H2 is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 1809 Home SEoL
Microsoft Windows 10 1809 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 1703 Pro SEoL
Microsoft Windows 10 1703 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 1903 SEoL
Microsoft Windows 10 1903 is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 1607 Home SEoL
Microsoft Windows 10 1607 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
9.8 CVSS
7.1 AI Score
0.001 EPSS
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: xgmac: fix handling of DPP safety error for DMA channels Commit 56e58d6c8a56 ("net: stmmac: Implement Safety Features in XGMAC core") checks and reports safety errors, but leaves the Data Path Parity Errors for each...
7.7 AI Score
0.0004 EPSS
Microsoft Windows 10 1709 Home SEoL
Microsoft Windows 10 1709 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K syzbot triggered a warning [1] in __alloc_pages(): WARN_ON_ONCE_GFP(order > MAX_PAGE_ORDER, gfp) Willem fixed a similar issue in commit c0a2a1b0d631 ("ppp: limit MRU to 64K") Adopt the same sanity che...
7.5 AI Score
0.0004 EPSS
Microsoft Windows 10 1709 Pro SEoL
Microsoft Windows 10 1709 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 21H2 Pro SEoL
Microsoft Windows 10 21H2 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
9.8 CVSS
7.1 AI Score
0.001 EPSS
Microsoft Windows 10 21H1 SEoL
Microsoft Windows 10 21H1 is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 21H2 Business SEoL
Microsoft Windows 10 21H2 Business is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 1809 Pro SEoL
Microsoft Windows 10 1809 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_queue_wake_up(),...
7.5 AI Score
0.0004 EPSS
Microsoft Windows 10 1703 Home SEoL
Microsoft Windows 10 1703 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 20H2 Pro SEoL
Microsoft Windows 10 20H2 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 20H2 Home SEoL
Microsoft Windows 10 20H2 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Microsoft Windows 10 1909 Home SEoL
Microsoft Windows 10 1909 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
7.4 AI Score
Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The.....
9.8 CVSS
10 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...
9.8 CVSS
9.5 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...
9.8 CVSS
9.7 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The.....
9.8 CVSS
9.9 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...
7.5 CVSS
7.6 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...
7.5 CVSS
7.8 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...
9.8 CVSS
9.9 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...
9.8 CVSS
9.8 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...
9.8 CVSS
9.8 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The.....
9.8 CVSS
10 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...
7.5 CVSS
7.8 AI Score
0.001 EPSS
Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...
9.8 CVSS
10 AI Score
0.001 EPSS
Hive Pro Announces Launch of Alliance Partner Program in North America for MSPs and VARs
Herndon, VA – 01 April 2024 – Hive Pro, a pioneer vendor in Threat Exposure Management, announced the formal launch of its North America Alliance Partner Program for Managed Service Providers (MSP) and Value-Added Resellers (VARs). This initiative aims to empower Managed Service Providers (MSPs)...
7.3 AI Score
‘Operation FlightNight’ Targeting India with Deceptive Air Force Invitations
Summary: In a campaign dubbed Operation FlightNight, unidentified threat actors have focused on Indian government agencies and energy companies, aiming to deploy a modified variant of an open-source information stealer malware known as HackBrowserData. The threat actors have been observed...
6.9 AI Score
Google Patches Critical Zero-Day Exploits Found at Pwn2Own
Summary: Google patched two zero-day vulnerabilities in Chrome (CVE-2024-2886, CVE-2024-2887) from Pwn2Own Vancouver 2024, allowing arbitrary code execution. Updating Chrome is essential to ensure you're protected. Threat Level - Red | Vulnerability Report For a detailed threat advisory, download.....
7.9 AI Score
0.0004 EPSS
pro-realestate.be Cross Site Scripting vulnerability OBB-3891148
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Mailchimp Add On pmpro-mailchimp. This issue affects Paid Memberships Pro – Mailchimp Add On: from n/a through...
5.3 CVSS
5.3 AI Score
0.0004 EPSS
Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Mailchimp Add On pmpro-mailchimp. This issue affects Paid Memberships Pro – Mailchimp Add On: from n/a through...
5.3 CVSS
9.3 AI Score
0.0004 EPSS
Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Mailchimp Add On pmpro-mailchimp. This issue affects Paid Memberships Pro – Mailchimp Add On: from n/a through...
5.3 CVSS
5.6 AI Score
0.0004 EPSS
Metasploit Weekly Wrap-Up 03/29/2024
PHP code execution and Overshare[point] Here in the Northern Hemisphere, Spring is in the air: flowers, bees, pollen… a new Metasploit 6.4 release, and now, fresh on the heels of this new release is a bountiful crop of exploits, features, and bug-fixes. Leading the pack is a pair of 2024 PHP code.....
9.8 CVSS
8.4 AI Score
0.89 EPSS
Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Payfast Gateway Add On. This issue affects Paid Memberships Pro – Payfast Gateway Add On: from n/a through...
5.3 CVSS
9.3 AI Score
0.0004 EPSS
Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Payfast Gateway Add On. This issue affects Paid Memberships Pro – Payfast Gateway Add On: from n/a through...
5.3 CVSS
5.3 AI Score
0.0004 EPSS