CVE-2010-4226 affecting package cpio 2.13-3
CVE-2010-4226 affecting package cpio 2.13-3. This CVE either no longer is or was never...
7.5 AI Score
0.003 EPSS
CVE-2023-23914 affecting package cmake 3.21.4-3
CVE-2023-23914 affecting package cmake 3.21.4-3. This CVE either no longer is or was never...
9.1 CVSS
9.9 AI Score
0.001 EPSS
CVE-2023-25193 affecting package mozjs60 60.9.0-13
CVE-2023-25193 affecting package mozjs60 60.9.0-13. This CVE either no longer is or was never...
7.5 CVSS
8.2 AI Score
0.002 EPSS
CVE-2022-4304 affecting package cloud-hypervisor 22.0-2
CVE-2022-4304 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
5.9 CVSS
8.4 AI Score
0.002 EPSS
CVE-2022-4415 affecting package systemd 239-43
CVE-2022-4415 affecting package systemd 239-43. This CVE either no longer is or was never...
5.5 CVSS
7.9 AI Score
0.0004 EPSS
CVE-2022-3715 affecting package bash 4.4.23-1
CVE-2022-3715 affecting package bash 4.4.23-1. This CVE either no longer is or was never...
7.8 CVSS
9.8 AI Score
0.0004 EPSS
CVE-2022-38128 affecting package binutils 2.36.1-2
CVE-2022-38128 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...
7.5 AI Score
CVE-2021-3996 affecting package util-linux 2.32.1-7
CVE-2021-3996 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...
5.5 CVSS
5.9 AI Score
0.0004 EPSS
CVE-2021-33463 affecting package yasm 1.3.0-14
CVE-2021-33463 affecting package yasm 1.3.0-14. This CVE either no longer is or was never...
5.5 CVSS
7.5 AI Score
0.001 EPSS
CVE-2022-1050 affecting package qemu-kvm 4.2.0-38
CVE-2022-1050 affecting package qemu-kvm 4.2.0-38. This CVE either no longer is or was never...
8.8 CVSS
9.1 AI Score
0.0004 EPSS
CVE-2021-34141 affecting package numpy 1.16.6-2
CVE-2021-34141 affecting package numpy 1.16.6-2. This CVE either no longer is or was never...
5.3 CVSS
9.8 AI Score
0.001 EPSS
CVE-2018-25032 affecting package python2 for versions less than 2.7.18-13
CVE-2018-25032 affecting package python2 for versions less than 2.7.18-13. This CVE either no longer is or was never...
7.5 CVSS
7.5 AI Score
0.003 EPSS
CVE-2022-41724 affecting package gcc 9.1.0-7
CVE-2022-41724 affecting package gcc 9.1.0-7. This CVE either no longer is or was never...
7.5 CVSS
9 AI Score
0.001 EPSS
CVE-2023-0215 affecting package rust 1.59.0-1
CVE-2023-0215 affecting package rust 1.59.0-1. This CVE either no longer is or was never...
7.5 CVSS
8.4 AI Score
0.004 EPSS
CVE-2022-4450 affecting package rust 1.59.0-1
CVE-2022-4450 affecting package rust 1.59.0-1. This CVE either no longer is or was never...
7.5 CVSS
9 AI Score
0.001 EPSS
CVE-2022-4450 affecting package cloud-hypervisor 22.0-2
CVE-2022-4450 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
7.5 CVSS
9 AI Score
0.001 EPSS
CVE-2020-2801 affecting package openjdk8 1.8.0.332-1
CVE-2020-2801 affecting package openjdk8 1.8.0.332-1. This CVE either no longer is or was never...
9.8 CVSS
9.8 AI Score
0.046 EPSS
CVE-2022-38127 affecting package binutils 2.36.1-2
CVE-2022-38127 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...
7.5 AI Score
CVE-2021-35938 affecting package rpm 4.14.2-15
CVE-2021-35938 affecting package rpm 4.14.2-15. This CVE either no longer is or was never...
6.7 CVSS
7.5 AI Score
0.001 EPSS
CVE-2021-3997 affecting package systemd 239-42
CVE-2021-3997 affecting package systemd 239-42. This CVE either no longer is or was never...
5.5 CVSS
7.5 AI Score
0.001 EPSS
CVE-2021-33458 affecting package yasm 1.3.0-14
CVE-2021-33458 affecting package yasm 1.3.0-14. This CVE either no longer is or was never...
5.5 CVSS
7.5 AI Score
0.001 EPSS
CVE-2020-15945 affecting package lua 5.3.5-9
CVE-2020-15945 affecting package lua 5.3.5-9. This CVE either no longer is or was never...
5.5 CVSS
9.7 AI Score
0.0004 EPSS
CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7
CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7. This CVE either no longer is or was never...
7.5 CVSS
8.2 AI Score
0.002 EPSS
CVE-2023-25136 affecting package openssh 8.9p1-3
CVE-2023-25136 affecting package openssh 8.9p1-3. This CVE either no longer is or was never...
6.5 CVSS
8.4 AI Score
0.009 EPSS
CVE-2018-25078 affecting package man-db 2.8.4-5
CVE-2018-25078 affecting package man-db 2.8.4-5. This CVE either no longer is or was never...
7.8 CVSS
7.5 AI Score
0.0004 EPSS
CVE-2022-3515 affecting package gnupg2 2.2.20-4
CVE-2022-3515 affecting package gnupg2 2.2.20-4. This CVE either no longer is or was never...
9.8 CVSS
9.9 AI Score
0.005 EPSS
CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4
CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4. This CVE either no longer is or was never...
5.7 CVSS
7.5 AI Score
0.0004 EPSS
CVE-2021-3672 affecting package pgbouncer 1.16.1-1
CVE-2021-3672 affecting package pgbouncer 1.16.1-1. This CVE either no longer is or was never...
5.6 CVSS
9.8 AI Score
0.002 EPSS
CVE-2021-3995 affecting package util-linux 2.32.1-7
CVE-2021-3995 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...
5.5 CVSS
5.9 AI Score
0.0004 EPSS
CVE-2010-4756 affecting package glibc 2.28-24
CVE-2010-4756 affecting package glibc 2.28-24. This CVE either no longer is or was never...
7.5 AI Score
0.008 EPSS
CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15
CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15. A patched version of the package is...
7.5 CVSS
8.5 AI Score
0.732 EPSS
CVE-2023-44487 affecting package csi-driver-lvm for versions less than 0.4.1-13
CVE-2023-44487 affecting package csi-driver-lvm for versions less than 0.4.1-13. This CVE either no longer is or was never...
7.5 CVSS
8 AI Score
0.732 EPSS
CVE-2023-44487 affecting package nmi for versions less than 1.8.7-14
CVE-2023-44487 affecting package nmi for versions less than 1.8.7-14. This CVE either no longer is or was never...
7.5 CVSS
8 AI Score
0.732 EPSS
CVE-2023-39325 affecting package vitess for versions less than 16.0.2-5
CVE-2023-39325 affecting package vitess for versions less than 16.0.2-5. This CVE either no longer is or was never...
7.5 CVSS
7.9 AI Score
0.002 EPSS
CVE-2023-44487 affecting package vitess for versions less than 16.0.2-5
CVE-2023-44487 affecting package vitess for versions less than 16.0.2-5. This CVE either no longer is or was never...
7.5 CVSS
8.2 AI Score
0.732 EPSS
CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1
CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1. This CVE either no longer is or was never...
6.1 CVSS
6.7 AI Score
0.008 EPSS
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
CVE-2024-38272 Auth Bypass in Quickshare
There exists a vulnerability in Quickshare/Nearby where an attacker can bypass the accept file dialog on QuickShare Windows. Normally, in the QuickShare Windows app, a file cannot be sent without the user accepting it on the receiving device if the visibility is set to everyone mode or contacts mode. We...
CVE-2024-38271 Denial of Service in Quickshare
There exists a vulnerability in Quickshare/Nearby where an attacker can force a victim to stay connected to a temporary hotspot created for the share. As part of the sequence of packets in a QuickShare connection over Bluetooth, the attacker forces the victim to connect to the attacker’s WiFi...
CVE-2024-4604 Open Redirect in Magarsus Consultancy's SSO
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magarsus Consultancy SSO (Single Sign On) allows Manipulating Hidden Fields. This issue affects SSO (Single Sign On): from 1.0 before...
6.1 CVSS
New MOVEit Transfer Vulnerability Under Active Exploitation - Patch ASAP!
A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that...
9.8 CVSS
0.969 EPSS
CVE-2024-4228 SQLi in Magarsus Consultancy's SSO
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor, CWE-522 - Insufficiently Protected Credentials vulnerability in Magarsus Consultancy SSO (Single Sign On) allows SQL Injection. This issue...
9.8 CVSS
7.6 AI Score
About a year ago I wrote that "I want to use XAES-256-GCM/11, which has a number of nice properties and only the annoying defect of not existing." Well, there is now an XAES-256-GCM specification. (Had to give up on the /11 part, but that was just a performance optimization.) XAES-256-GCM is an...
Federal Reserve “breached” data may actually belong to Evolve Bank
A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. On LockBit's dark web leak site, the group threatened to release over 30 TB of banking information containing Americans'...
October System module has a Reflected XSS via X-October-Request-Handler Header
Impact: The X-October-Request-Handler Header does not sanitize the AJAX handler name and allows unescaped HTML to be reflected back. There is no impact since this vulnerability cannot be exploited through normal browser interactions. This unescaped value is only detectable when using a proxy...
en.radreisen.at Cross Site Scripting vulnerability OBB-3939116
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score