6.7AI Score
0.0004EPSS
8.6CVSS
8.7AI Score
0.0004EPSS
7.1AI Score
0.0005EPSS
3.7CVSS
4.4AI Score
0.001EPSS
6.2CVSS
6.5AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0005EPSS
7.5AI Score
0.0004EPSS
6.5CVSS
7.5AI Score
0.001EPSS
7.8CVSS
7.4AI Score
0.002EPSS
RHEL 9 : git-lfs (RHSA-2024:2724)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2724 advisory. Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git,...
7.4AI Score
0.0004EPSS
libvirt security and bug fix update
[10.0.0-6.2.0.1] - Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554] [10.0.0-6.2.el9_4] - qemu: Fix migration with custom XML (RHEL-32654) [10.0.0-6.1.el9_4] - Fix off-by-one error in udevListInterfacesByStatus (CVE-2024-1441, RHEL-25081) - remote: check for negative array lengths before...
6.2CVSS
8.3AI Score
0.001EPSS
6.6AI Score
0.0004EPSS
7.5CVSS
7.1AI Score
0.008EPSS
8.2CVSS
7.3AI Score
0.0004EPSS
9.8CVSS
7.5AI Score
0.005EPSS
7.8CVSS
7AI Score
0.001EPSS
Important: git-lfs security update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS...
7.3AI Score
0.0004EPSS
8.8CVSS
6.7AI Score
0.002EPSS
7.1AI Score
0.0004EPSS
7.5AI Score
0.0004EPSS
5.5CVSS
8AI Score
0.001EPSS
8.2CVSS
7.3AI Score
0.0004EPSS
7.5AI Score
0.0004EPSS
5.5CVSS
7.5AI Score
0.002EPSS
7.2AI Score
0.0004EPSS
Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT...
6.7AI Score
0.0004EPSS
Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT...
6.9AI Score
0.0004EPSS
CVE-2024-29941 Credential Cloning
Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT...
6.9AI Score
0.0004EPSS
Summary IBM Virtualization Engine TS7700 is susceptible to the vulnerabilities listed below due to the embedded use of IBM Db2. IBM Db2 is used in TS7700 to store metadata about the data it manages. CVE-2023-30431, CVE-2023-29257, CVE-2023-26021, CVE-2023-25930, CVE-2023-27559, CVE-2023-40692....
8.4CVSS
10AI Score
0.003EPSS
[SECURITY] [DSA 5681-1] linux security update
Debian Security Advisory DSA-5681-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 06, 2024 https://www.debian.org/security/faq Package : linux CVE ID : CVE-2023-6270 CVE-2023-7042...
8CVSS
7.3AI Score
0.0005EPSS
[SECURITY] [DSA 5680-1] linux security update
Debian Security Advisory DSA-5680-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 06, 2024 https://www.debian.org/security/faq Package : linux CVE ID : CVE-2024-26605 CVE-2024-26817...
7.8CVSS
7AI Score
0.0004EPSS
5.9CVSS
6AI Score
0.0004EPSS
5.9CVSS
7.1AI Score
0.0004EPSS
CVE-2023-43530 Integer Overflow or Wraparound in HLOS
Memory corruption in HLOS while checking for the storage...
5.9CVSS
6.2AI Score
0.0004EPSS
CVE-2023-43530 Integer Overflow or Wraparound in HLOS
Memory corruption in HLOS while checking for the storage...
5.9CVSS
7.2AI Score
0.0004EPSS
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to new findings from attack surface management firm Censys. Dubbed ArcaneDoor, the activity is said to have commenced.....
8.6CVSS
7.2AI Score
0.002EPSS
(RHSA-2024:2699) Important: git-lfs security update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS...
7AI Score
0.0004EPSS
Deserialization Of Untrusted Data
sagemaker is vulnerable to Deserialization of Untrusted Data. The vulnerability is due the deserialization of pickled object arrays within the sagemaker.base_deserializers.NumpyDeserializer module, which could allow an unprivileged third party to cause Remote Code Execution or Denial of Service...
7.8CVSS
7.5AI Score
0.0004EPSS
Oracle Linux 9 : libvirt (ELSA-2024-2236)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2236 advisory. A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface...
5CVSS
6.2AI Score
0.0004EPSS
Debian dsa-5680 : affs-modules-6.1.0-21-4kc-malta-di - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5680 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a...
7.8CVSS
6.5AI Score
0.0004EPSS
Important: git-lfs security update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS...
7.2AI Score
0.0004EPSS
7.4AI Score
Important: git-lfs security update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS...
7.3AI Score
0.0004EPSS
RHEL 8 : git-lfs (RHSA-2024:2699)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2699 advisory. Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...
6.8AI Score
0.0004EPSS
Debian dsa-5681 : affs-modules-5.10.0-29-4kc-malta-di - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5681 advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an...
8CVSS
8.2AI Score
0.0005EPSS
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients. Changelogs Major changes are documented in the project Announcements:...
5.9AI Score
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The.....
9.8CVSS
7.6AI Score
0.915EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1490-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1490-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of...
7.8CVSS
7.6AI Score
EPSS
sagemaker-python-sdk vulnerable to Deserialization of Untrusted Data
Impact sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. This consequently may allow an unprivileged third party to cause remote code execution, denial of service, affecting both...
7.8CVSS
7.6AI Score
0.0004EPSS
sagemaker-python-sdk vulnerable to Deserialization of Untrusted Data
Impact sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. This consequently may allow an unprivileged third party to cause remote code execution, denial of service, affecting both...
7.8CVSS
7.8AI Score
0.0004EPSS