openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1641-1)
The remote host is missing an update for...
7.8 CVSS
7.3 AI Score
EPSS
Stark Industries Solutions: An Iron Hammer in the Cloud
The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government.....
6.8 AI Score
D-Link DAR-8000-10 - Command Injection
D-Link DAR-8000-10 version has an operating system command injection vulnerability. The vulnerability originates from the parameter id of the file /app/sys1.php which can lead to operating system command...
9.8 CVSS
8.4 AI Score
0.924 EPSS
kernel security, bug fix, and enhancement update
[4.18.0-553.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...
9.8 CVSS
8 AI Score
EPSS
Ghost allows CSV Injection during member CSV export
Ghost before 5.82.0 allows CSV Injection during a member CSV...
7.5 AI Score
EPSS
Ghost allows CSV Injection during member CSV export
Ghost before 5.82.0 allows CSV Injection during a member CSV...
7.2 AI Score
EPSS
xmedcon 0.23.0 (fixed in v.0.24.0) is vulnerable to a buffer overflow via libs/dicom/basic.c, which allows an attacker to execute arbitrary...
7.5 AI Score
EPSS
xmedcon 0.23.0 (fixed in v.0.24.0) is vulnerable to a buffer overflow via libs/dicom/basic.c, which allows an attacker to execute arbitrary...
7.2 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.8 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.8 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.8 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4 AI Score
EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1 AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...
6.5 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...
6.2 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...
6.4 AI Score
0.0004 EPSS
CVE-2021-47435 dm: fix mempool NULL pointer race when completing IO
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...
6.6 AI Score
0.0004 EPSS
CVE-2021-47435 dm: fix mempool NULL pointer race when completing IO
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...
6.2 AI Score
0.0004 EPSS
xmedcon 0.23.0 (fixed in v.0.24.0) is vulnerable to a buffer overflow via libs/dicom/basic.c, which allows an attacker to execute arbitrary...
7.9 AI Score
EPSS
CentOS 8 : libssh (CESA-2024:3233)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3233 advisory. A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This...
5.3 CVSS
6.8 AI Score
0.001 EPSS
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...
6.5 AI Score
0.0004 EPSS
Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects .....
10 CVSS
7.8 AI Score
0.0004 EPSS
Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects .....
10 CVSS
9.9 AI Score
0.0004 EPSS
CVE-2023-3943 Multiple buffer overflow in ZkTeco-based OEM devices
Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects .....
10 CVSS
9.9 AI Score
0.0004 EPSS
CVE-2023-3943 Multiple buffer overflow in ZkTeco-based OEM devices
Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects .....
10 CVSS
7.8 AI Score
0.0004 EPSS
An 'SQL Injection' vulnerability, due to improper neutralization of special elements used in SQL commands, exists in ZKTeco-based OEM devices. This vulnerability allows an attacker to, in some cases, impersonate another user or perform unauthorized actions. In other instances, it enables the...
7.5 CVSS
7.7 AI Score
0.0004 EPSS
An 'SQL Injection' vulnerability, due to improper neutralization of special elements used in SQL commands, exists in ZKTeco-based OEM devices. This vulnerability allows an attacker to, in some cases, impersonate another user or perform unauthorized actions. In other instances, it enables the...
7.5 CVSS
7.5 AI Score
0.0004 EPSS
CVE-2023-3942 Multiple SQLi in ZkTeco-based OEM devices
An 'SQL Injection' vulnerability, due to improper neutralization of special elements used in SQL commands, exists in ZKTeco-based OEM devices. This vulnerability allows an attacker to, in some cases, impersonate another user or perform unauthorized actions. In other instances, it enables the...
7.5 CVSS
7.6 AI Score
0.0004 EPSS
CVE-2023-3942 Multiple SQLi in ZkTeco-based OEM devices
An 'SQL Injection' vulnerability, due to improper neutralization of special elements used in SQL commands, exists in ZKTeco-based OEM devices. This vulnerability allows an attacker to, in some cases, impersonate another user or perform unauthorized actions. In other instances, it enables the...
7.5 CVSS
7.7 AI Score
0.0004 EPSS