9CVSS
7AI Score
0.009EPSS
8.3CVSS
7AI Score
0.009EPSS
8.3AI Score
0.882EPSS
5.9CVSS
6.1AI Score
0.001EPSS
June 8, 2021—KB5003635 (OS Build 18363.1621)
June 8, 2021—KB5003635 (OS Build 18363.1621) EXPIRATION NOTICE: As of 9/12/2023, KB5003635 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality.....
9.4CVSS
7.5AI Score
0.972EPSS
On NXP MIFARE Ultralight and NTAG cards, an attacker can interrupt a write operation (aka conduct a "tear off" attack) over RFID to bypass a Monotonic Counter protection mechanism. The impact depends on how the anti tear-off feature is used in specific applications such as public transportation,...
4.2CVSS
4.4AI Score
0.001EPSS
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This....
8.8CVSS
7.9AI Score
0.019EPSS
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This....
8.8CVSS
7.7AI Score
0.019EPSS
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This....
8.8CVSS
0.019EPSS
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This....
8.8CVSS
8.9AI Score
0.019EPSS
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This....
8.8CVSS
8.2AI Score
0.019EPSS
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This....
8.8CVSS
8.9AI Score
0.019EPSS
CVE-2021-32625 Redis vulnerability in STRALGO LCS on 32-bit systems
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This....
7.5CVSS
9.3AI Score
0.019EPSS
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. This....
8.8CVSS
1.4AI Score
0.019EPSS
[ASA-202106-12] redis: arbitrary code execution
Arch Linux Security Advisory ASA-202106-12. Severity: High; Date: 2021-06-01; CVE-ID: CVE-2021-32625; Package: redis; Type: arbitrary code execution; Remote: Yes; Link: https://security.archlinux.org/AVG-2022. Summary: The package redis before version 6.2.4-1 is vulnerable to arbitrary...
8.8CVSS
2AI Score
0.019EPSS
Unbreakable Enterprise kernel-container security update
[5.4.17-2102.201.3.el8] - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (Ali Saidi) [Orabug: 32805544] [5.4.17-2102.201.2.el8] - md/bitmap: wait for external bitmap writes to complete during tear down (Sudhakar Panneerselvam) [Orabug: 32764237] - ocfs2: fix deadlock between...
7.8CVSS
-0.3AI Score
0.0005EPSS
Bucky - An Automatic S3 Bucket Discovery Tool
Bucky is an automatic tool designed to discover S3 bucket misconfiguration. Bucky consists of two modules: the Bucky Firefox addon and the Bucky backend engine. The Bucky addon reads the source code of the webpages and uses Regular Expression (Regex) to match the S3 bucket used as Content Delivery...
7.3AI Score
python-cryptography security, bug fix, and enhancement update
[3.2.1-4] - CVE-2020-36242: Fixed a bug where certain sequences of update() calls when symmetrically encrypting very large payloads (>2GB) could result in an integer overflow, leading to buffer overflows. - Resolves: rhbz#1926528 [3.2.1-3] - Conflict with non-matching vector package [3.2.1-2]...
9.1CVSS
2.2AI Score
0.008EPSS
Exploit for Vulnerability in Microsoft
ProxyLogon-Mass-RCE Description Python for mass deploying...
9.8CVSS
8.9AI Score
0.975EPSS
Local directory executable lookup in sops (Windows-only)
Impact: Windows users using the sops direct editor option (sops file.yaml) can have a local executable named either vi, vim, or nano executed if running sops from cmd.exe. This attack is only viable if an attacker is able to place a malicious binary within the directory you are running sops from. As....
0.4AI Score
Local directory executable lookup in sops (Windows-only)
Impact: Windows users using the sops direct editor option (sops file.yaml) can have a local executable named either vi, vim, or nano executed if running sops from cmd.exe. This attack is only viable if an attacker is able to place a malicious binary within the directory you are running sops from. As....
0.4AI Score
Local directory executable lookup in sops (Windows-only)
Impact: Windows users using the sops direct editor option (sops file.yaml) can have a local executable named either vi, vim, or nano executed if running sops from cmd.exe. This attack is only viable if an attacker is able to place a malicious binary within the directory you are running sops from. As....
0.4AI Score
openSUSE Security Update : redis (openSUSE-2021-682)
This update for redis fixes the following issues: redis 6.0.13: CVE-2021-29477: Integer overflow in STRALGO LCS command (boo#1185729); CVE-2021-29478: Integer overflow in COPY command for large intsets (boo#1185730); Cluster: Skip unnecessary check which may prevent failure...
8.8CVSS
9AI Score
0.019EPSS
May 11, 2021—KB5003169 (OS Build 18363.1556)
May 11, 2021—KB5003169 (OS Build 18363.1556) UPDATED 5/11/21 REMINDER Windows 10, version 1909 is at end of service on May 11, 2021 for devices running the Home, Pro, Pro for Workstation, Nano Container, and Server SAC editions. After May 11, 2021, these devices will no longer receive monthly...
9.9CVSS
7.1AI Score
0.937EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2102.201.3uek] - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (Ali Saidi) [Orabug: 32805544] [5.4.17-2102.201.2uek] - md/bitmap: wait for external bitmap writes to complete during tear down (Sudhakar Panneerselvam) [Orabug: 32764237] - ocfs2: fix deadlock between...
7.8CVSS
-0.3AI Score
0.0005EPSS
Unbreakable Enterprise kernel security update
[4.14.35-2047.503.1] - bpf, x86: Validate computation of branch displacements for x86-64 (Piotr Krysiuk) [Orabug: 32759961] {CVE-2021-29154} - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. (Somasundaram Krishnasamy) [Orabug: 32781585] - ext4: handle error of...
7.8CVSS
AI Score
0.0005EPSS
Unbreakable Enterprise kernel-container security update
[4.14.35-2047.503.1.el7] - bpf, x86: Validate computation of branch displacements for x86-64 (Piotr Krysiuk) [Orabug: 32759961] {CVE-2021-29154} - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. (Somasundaram Krishnasamy) [Orabug: 32781585] - ext4: handle error of...
7.8CVSS
AI Score
0.0005EPSS
Security update for redis (important)
An update that solves three vulnerabilities, contains 8 features and has one errata is now available. Description: This update for redis fixes the following issues: redis 6.0.13: CVE-2021-29477: Integer overflow in STRALGO LCS command (boo#1185729); CVE-2021-29478: Integer overflow in COPY...
8.8CVSS
-0.1AI Score
0.019EPSS
What is minification and why is it needed? The Advantages Of Minification
This concept might look simple to understand, but it requires deep understanding for one to interact with the concept properly and know what it entails and what it doesn’t. A bunch of developers use minification in website development in order to have a fast and active web. Minification can be...
-1AI Score
7.8CVSS
8.9AI Score
0.014EPSS
7.8CVSS
8.9AI Score
0.014EPSS
8.3CVSS
6.7AI Score
0.009EPSS
9CVSS
6.7AI Score
0.009EPSS
A privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthorized access to the driver's device...
7.8CVSS
5.7AI Score
0.0004EPSS
A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen...
4.4CVSS
4.6AI Score
0.0004EPSS
Lenovo Power Management Driver Vulnerabilities - Lenovo Support NL
Lenovo Security Advisory: LEN-59174; Potential Impact: Privilege escalation, denial of service; Severity: Medium; Scope of Impact: Lenovo-specific; CVE Identifier: CVE-2021-3462, CVE-2021-3463. Summary Description: The following vulnerabilities were reported in Lenovo Power Management Driver for...
4.4CVSS
0.3AI Score
0.0004EPSS
April 13, 2021—KB5001337 (OS Build 18363.1500)
April 13, 2021—KB5001337 (OS Build 18363.1500) NEW 4/13/21 IMPORTANT Windows 10, version 1909 will reach end of service on May 11, 2021 for devices running the Home, Pro, Pro for Workstation, Nano Container, and Server SAC editions. After May 11, 2021, these devices will no longer receive monthly.....
9CVSS
8.7AI Score
0.154EPSS
Unbreakable Enterprise kernel security update
[4.14.35-2047.502.4] - Revert 'rds: ib: Remove two ib_modify_qp() calls' (Sharath Srinivasan) [Orabug: 32715567] - uek-rpm: Update SecureBoot Digicert 2021 certificates (Somasundaram Krishnasamy) [Orabug: 32532514] [4.14.35-2047.502.3] - video: hyperv_fb: Fix the mmap() regression for v5.4.y...
7.8CVSS
-0.2AI Score
0.001EPSS
Exploit for Improper Input Validation in Docker Engine
CVE-2020-13401 Study. Study on CVE-2020-13401 vulnerability...
6CVSS
6.4AI Score
0.002EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2102.200.13] - bpf, selftests: Fix up some test_verifier cases for unprivileged (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Add sanity check for upper ptr_limit (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Simplify...
8.8CVSS
0.1AI Score
0.004EPSS
AnonX - An Encrypted File Transfer Via AES-256-CBC
An encrypted file transfer via AES-256-CBC. AnonX is an encrypted file uploader and downloader. The uploaded archive lasts for one week and is then removed from the server. AnonX encrypts the directory before uploading it to the server. The download function requires the download id and AES password...
7.5AI Score
NewStart CGSL MAIN 6.02 : qt5-qtwebsockets Vulnerability (NS-SA-2021-0085)
The remote NewStart CGSL host, running version MAIN 6.02, has qt5-qtwebsockets packages installed that are affected by a vulnerability: In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it...
7.5CVSS
7.4AI Score
0.001EPSS
A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could cause an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer...
9.8CVSS
9AI Score
0.006EPSS
An issue was discovered in the nano_arena crate before 0.5.2 for Rust. There is an aliasing violation in split_at because two mutable references can exist for the same element, if Borrow behaves in certain ways. This can have a resultant out-of-bounds write or...
9.8CVSS
9.4AI Score
0.004EPSS
A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvalloc could cause an integer overflow, leading to an allocation of a small buffer and then to a heap-based buffer overflow....
9.8CVSS
8.8AI Score
0.006EPSS
OWASP ASST (Automated Software Security Toolkit) - A Novel Open Source Web Security Scanner
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner. Note: AWSS is the older name of ASST. Introduction: Web applications have become an integral part of everyday life, but many of these applications are deployed with critical vulnerabilities that can be...
7.4AI Score
On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ping.cgi allows OS command injection (after authentication by the attacker) because the system C library function is used...
7.2CVSS
7.4AI Score
0.004EPSS
On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ping.cgi allows OS command injection (after authentication by the attacker) because the system C library function is used...
7.2CVSS
0.004EPSS
On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ping.cgi allows OS command injection (after authentication by the attacker) because the system C library function is used...
7.2CVSS
7.4AI Score
0.004EPSS
On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ping.cgi allows OS command injection (after authentication by the attacker) because the system C library function is used...
7.7AI Score
0.004EPSS