7.8CVSS
7.2AI Score
EPSS
Security Update for Microsoft .NET Core SDK (May 2024)
The version of .NET Core SDK installed on the remote host is 7.x prior to 7.0.19 or 8.x prior to 8.0.5. It is, therefore, affected by remote code execution vulnerability as referenced in the May 2024 advisory: A remote code execution vulnerability. An attacker can exploit this to bypass...
6.3CVSS
8.6AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1609)
The remote host is missing an update for the Huawei...
5.9CVSS
7.1AI Score
0.963EPSS
.NET Core Multiple Vulnerabilities (KB5038351)
This host is missing an important security update according to Microsoft...
6.3CVSS
5.8AI Score
0.0005EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1642-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1642-1 advisory. In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4...
7.8CVSS
7.8AI Score
0.0004EPSS
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1643-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1643-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two...
7.8CVSS
7.2AI Score
EPSS
Grafana directory traversal for .cvs files
Today we are releasing Grafana 8.3.2 and 7.5.12. This patch release includes a moderate severity security fix for directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is....
7.5CVSS
4.5AI Score
0.975EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4AI Score
EPSS
8AI Score
EPSS
7.7AI Score
EPSS
A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /admin/maintenance/manage_brand.php. The manipulation of the argument id leads to sql injection. The attack may....
6.3CVSS
6.8AI Score
0.0004EPSS
A path traversal issue potentially leading to remote code execution in Genie for all versions prior to...
9.9CVSS
9.8AI Score
0.0004EPSS
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name...
5.6AI Score
EPSS
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Information...
5.8AI Score
EPSS
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name...
5.8AI Score
EPSS
A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Information...
5.6AI Score
EPSS
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/formWPS, allows remote authenticated users to trigger a denial of service (DoS) through the parameter...
6.9AI Score
EPSS
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanGuestSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter...
6.7AI Score
EPSS
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/formWPS, allows remote authenticated users to trigger a denial of service (DoS) through the parameter...
6.7AI Score
EPSS
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter...
6.7AI Score
EPSS
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanSetup_Wizard allows remote authenticated users to trigger a denial of service (DoS) through the parameter...
6.7AI Score
EPSS
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter...
6.9AI Score
EPSS
An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute arbitrary code via a crafted...
7.8AI Score
EPSS
.NET 7.0 Update - May 14, 2024 (KB5038351)
.NET 7.0 Update - May 14, 2024 (KB5038351) NET 7.0 has been refreshed with the latest update as of May 14, 2024. This update contains both security and non-security fixes. See the release notes for details on updated packages..NET 7.0 servicing updates are upgrades. The latest servicing update for....
6.3CVSS
7AI Score
0.0005EPSS
.NET 6.0 Update - May 14, 2024 (KB5038350)
.NET 6.0 Update - May 14, 2024 (KB5038350) .NET 6.0 has been refreshed with the latest update as of May 14, 2024. This update contains only non-security fixes. See the release notes for details on updated packages..NET 6.0 servicing updates are upgrades. The latest servicing update for 6.0 will...
6.9AI Score
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.331.7.el7] - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant) - Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568] - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port'...
8.3AI Score
EPSS
Unbreakable Enterprise kernel security update
[4.14.35-2047.536.5] - mmc: core: Fix switch on gp3 partition (Dominique Martinet) - Revert 'Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d'' (Song Liu) - mm/memory-failure: fix an incorrect use of tail pages (Liu Shixin) - Revert 'x86/mm/ident_map: Use gbpages only where full GB page...
7.8CVSS
7.6AI Score
0.011EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2136.331.7] - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant) - Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568] - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port'...
8.3AI Score
EPSS
CVE-2024-4798 SourceCodester Online Computer and Laptop Store manage_brand.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /admin/maintenance/manage_brand.php. The manipulation of the argument id leads to sql injection. The attack may....
6.3CVSS
7AI Score
0.0004EPSS
CVE-2024-4798 SourceCodester Online Computer and Laptop Store manage_brand.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /admin/maintenance/manage_brand.php. The manipulation of the argument id leads to sql injection. The attack may....
6.3CVSS
7.3AI Score
0.0004EPSS
RHEL 6 : libssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libssh: authorization bypass in pki_verify_data_signature (CVE-2023-2283) A flaw was found in the libssh...
7.2AI Score
0.002EPSS
RHEL 5 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c ...
8.8AI Score
EPSS
RHEL 6 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel: lack of port...
8.7AI Score
EPSS
RHEL 7 : libssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL (CVE-2020-16135) libssh:...
7.8AI Score
0.006EPSS