MD-404AA, MD-808AA Security Vulnerabilities

nvd

CVE-2024-35108

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.1 AI Score

EPSS

2024-05-15 02:15 AM
cve

CVE-2024-35108

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.4 AI Score

EPSS

2024-05-15 02:15 AM
3
nessus

EulerOS Virtualization 2.11.0 : libssh (EulerOS-SA-2024-1628)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

5.9 CVSS

7.8 AI Score

0.963 EPSS

2024-05-15 12:00 AM
4
nessus

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6766-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6766-2 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...

7.8 CVSS

7.5 AI Score

EPSS

2024-05-15 12:00 AM
7
oraclelinux

Unbreakable Enterprise kernel security update

[5.15.0-206.153.7] - mmc: core: Initialize mmc_blk_ioc_data (Mikko Rapeli) - ahci: asm1064: asm1166: don't limit reported ports (Conrad Kostecki) - mmc: core: Fix switch on gp3 partition (Dominique Martinet) - Drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (Michael....

8.3 AI Score

EPSS

2024-05-15 12:00 AM
8
nessus

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1644-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1644-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if...

7.8 CVSS

6.9 AI Score

EPSS

2024-05-15 12:00 AM
9
nessus

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1648-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1648-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory ...

7.8 CVSS

7.2 AI Score

EPSS

2024-05-15 12:00 AM
15
nessus

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1646-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1646-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array...

7.8 CVSS

7.2 AI Score

EPSS

2024-05-15 12:00 AM
9
openvas

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1628)

The remote host is missing an update for the Huawei...

5.9 CVSS

7.1 AI Score

0.963 EPSS

2024-05-15 12:00 AM
5
nessus

EulerOS Virtualization 2.11.1 : libssh (EulerOS-SA-2024-1609)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

5.9 CVSS

7.8 AI Score

0.963 EPSS

2024-05-15 12:00 AM
1
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1641-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1641-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single...

7.8 CVSS

7.6 AI Score

EPSS

2024-05-15 12:00 AM
6
openvas

.NET Core Multiple Vulnerabilities (KB5038351)

This host is missing an important security update according to Microsoft...

6.3 CVSS

5.8 AI Score

0.0005 EPSS

2024-05-15 12:00 AM
29
nessus

Security Update for Microsoft .NET Core SDK (May 2024)

The version of .NET Core SDK installed on the remote host is 7.x prior to 7.0.19 or 8.x prior to 8.0.5. It is, therefore, affected by remote code execution vulnerability as referenced in the May 2024 advisory: A remote code execution vulnerability. An attacker can exploit this to bypass...

6.3 CVSS

8.6 AI Score

0.0005 EPSS

2024-05-15 12:00 AM
11
openvas

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1609)

The remote host is missing an update for the Huawei...

5.9 CVSS

7.1 AI Score

0.963 EPSS

2024-05-15 12:00 AM
3
openvas

SUSE: Security Advisory (SUSE-SU-2024:1643-1)

The remote host is missing an update for...

7.8 CVSS

7.2 AI Score

EPSS

2024-05-15 12:00 AM
6
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1642-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1642-1 advisory. In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4...

7.8 CVSS

7.8 AI Score

0.0004 EPSS

2024-05-15 12:00 AM
9
nessus

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1643-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1643-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two...

7.8 CVSS

7.2 AI Score

EPSS

2024-05-15 12:00 AM
11
github

Grafana directory traversal for .cvs files

Today we are releasing Grafana 8.3.2 and 7.5.12. This patch release includes a moderate severity security fix for directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is....

7.5 CVSS

6.4 AI Score

0.975 EPSS

2024-05-14 10:11 PM
8
osv

Grafana directory traversal for .cvs files

Today we are releasing Grafana 8.3.2 and 7.5.12. This patch release includes a moderate severity security fix for directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability is....

7.5 CVSS

4.5 AI Score

0.975 EPSS

2024-05-14 10:11 PM
9
nvd

CVE-2024-35012

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.1 AI Score

EPSS

2024-05-14 04:17 PM
cve

CVE-2024-35012

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.4 AI Score

EPSS

2024-05-14 04:17 PM
24
cve

CVE-2024-35011

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.4 AI Score

EPSS

2024-05-14 04:17 PM
24
cve

CVE-2024-35010

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.4 AI Score

EPSS

2024-05-14 04:17 PM
24
nvd

CVE-2024-35010

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.1 AI Score

EPSS

2024-05-14 04:17 PM
nvd

CVE-2024-35009

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.1 AI Score

EPSS

2024-05-14 04:17 PM
nvd

CVE-2024-35011

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.1 AI Score

EPSS

2024-05-14 04:17 PM
cve

CVE-2024-35009

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

7.4 AI Score

EPSS

2024-05-14 04:17 PM
24
cve

CVE-2024-34256

OFCMS V1.1.2 is vulnerable to SQL Injection via the new table...

8 AI Score

EPSS

2024-05-14 04:17 PM
22
nvd

CVE-2024-34256

OFCMS V1.1.2 is vulnerable to SQL Injection via the new table...

7.7 AI Score

EPSS

2024-05-14 04:17 PM
cve

CVE-2024-4798

A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /admin/maintenance/manage_brand.php. The manipulation of the argument id leads to sql injection. The attack may....

6.3 CVSS

7.3 AI Score

0.0004 EPSS

2024-05-14 03:44 PM
18
nvd

CVE-2024-4798

A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file /admin/maintenance/manage_brand.php. The manipulation of the argument id leads to sql injection. The attack may....

6.3 CVSS

6.8 AI Score

0.0004 EPSS

2024-05-14 03:44 PM
cve

CVE-2024-4701

A path traversal issue potentially leading to remote code execution in Genie for all versions prior to...

9.9 CVSS

7.7 AI Score

0.0004 EPSS

2024-05-14 03:44 PM
36
nvd

CVE-2024-4701

A path traversal issue potentially leading to remote code execution in Genie for all versions prior to...

9.9 CVSS

9.8 AI Score

0.0004 EPSS

2024-05-14 03:44 PM
1
nvd

CVE-2024-34231

A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name...

5.6 AI Score

EPSS

2024-05-14 03:38 PM
cve

CVE-2024-34230

A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Information...

5.8 AI Score

EPSS

2024-05-14 03:38 PM
21
cve

CVE-2024-34231

A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Short Name...

5.8 AI Score

EPSS

2024-05-14 03:38 PM
20
nvd

CVE-2024-34230

A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the System Information...

5.6 AI Score

EPSS

2024-05-14 03:38 PM
cve

CVE-2024-33773

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanGuestSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter...

6.9 AI Score

EPSS

2024-05-14 03:38 PM
10
cve

CVE-2024-33774

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanSetup_Wizard allows remote authenticated users to trigger a denial of service (DoS) through the parameter...

6.9 AI Score

EPSS

2024-05-14 03:38 PM
10
cve

CVE-2024-33771

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/formWPS, allows remote authenticated users to trigger a denial of service (DoS) through the parameter...

6.9 AI Score

EPSS

2024-05-14 03:38 PM
9
nvd

CVE-2024-33773

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanGuestSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter...

6.7 AI Score

EPSS

2024-05-14 03:38 PM
nvd

CVE-2024-33771

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/formWPS, allows remote authenticated users to trigger a denial of service (DoS) through the parameter...

6.7 AI Score

EPSS

2024-05-14 03:38 PM
nvd

CVE-2024-33772

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter...

6.7 AI Score

EPSS

2024-05-14 03:38 PM
nvd

CVE-2024-33774

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanSetup_Wizard allows remote authenticated users to trigger a denial of service (DoS) through the parameter...

6.7 AI Score

EPSS

2024-05-14 03:38 PM
cve

CVE-2024-33772

A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter...

6.9 AI Score

EPSS

2024-05-14 03:38 PM
7
nvd

CVE-2024-33250

An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute arbitrary code via a crafted...

7.5 AI Score

EPSS

2024-05-14 03:37 PM
1
cve

CVE-2024-33250

An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4.0.195(Leo) allows a remote attacker to execute arbitrary code via a crafted...

7.8 AI Score

EPSS

2024-05-14 03:37 PM
22
mskb

.NET 8.0 Update - May 14, 2024 (KB5038352)

.NET 8.0 Update - May 14, 2024 (KB5038352) .NET 8.0 has been refreshed with the latest update as of May 14, 2024. This update contains both security and non-security fixes. See the release notes for details on updated packages. .NET 8.0 servicing updates are upgrades. The latest servicing update for....

6.3 CVSS

7 AI Score

0.0005 EPSS

2024-05-14 07:00 AM
35
mskb

.NET 7.0 Update - May 14, 2024 (KB5038351)

.NET 7.0 Update - May 14, 2024 (KB5038351) .NET 7.0 has been refreshed with the latest update as of May 14, 2024. This update contains both security and non-security fixes. See the release notes for details on updated packages. .NET 7.0 servicing updates are upgrades. The latest servicing update for....

6.3 CVSS

7 AI Score

0.0005 EPSS

2024-05-14 07:00 AM
30
mskb

.NET 6.0 Update - May 14, 2024 (KB5038350)

.NET 6.0 Update - May 14, 2024 (KB5038350) .NET 6.0 has been refreshed with the latest update as of May 14, 2024. This update contains only non-security fixes. See the release notes for details on updated packages. .NET 6.0 servicing updates are upgrades. The latest servicing update for 6.0 will...

6.9 AI Score

2024-05-14 12:00 AM
28
Total number of security vulnerabilities: 22012