Snowflake isn’t an outlier, it’s the canary in the coal mine
By Nick Biasini with contributions from Kendall McKay and Guilherme Venere. Headlines continue to roll in about the many implications and follow-on attacks originating from leaked and/or stolen credentials for the Snowflake cloud data platform. Adversaries obtained stolen login credentials for...
7.6AI Score
The Portfolio Gallery – Image Gallery Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'PFG' shortcode in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible....
6.4CVSS
5.7AI Score
EPSS
How to Use Python to Build Secure Blockchain Applications
Did you know it's now possible to build blockchain applications, known also as decentralized applications (or "dApps" for short) in native Python? Blockchain development has traditionally required learning specialized languages, creating a barrier for many developers… until now. AlgoKit, an...
6.9AI Score
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘video_color’ parameter in all versions up to, and including, 5.6.0 due to insufficient input sanitization and output...
6.4CVSS
5.8AI Score
EPSS
CVE-2021-23192 affecting package samba 4.12.5-6
CVE-2021-23192 affecting package samba 4.12.5-6. No patch is available...
7.5CVSS
7.6AI Score
0.001EPSS
CVE-1999-0901 affecting package ypserv 4.1-4
CVE-1999-0901 affecting package ypserv 4.1-4. No patch is available...
6.9AI Score
0.0004EPSS
CVE-2019-17414 affecting package vino 3.22.0-20
CVE-2019-17414 affecting package vino 3.22.0-20. No patch is available...
7.5CVSS
7.7AI Score
0.002EPSS
CVE-2021-28543 affecting package varnish-modules 0.16.0-4
CVE-2021-28543 affecting package varnish-modules 0.16.0-4. This CVE either no longer is or was never...
7.5CVSS
7AI Score
0.002EPSS
CVE-2019-12280 affecting package toolbox 0.0.18-9
CVE-2019-12280 affecting package toolbox 0.0.18-9. This CVE either no longer is or was never...
7.8CVSS
7.2AI Score
0.003EPSS
CVE-2005-0868 affecting package tn5250 0.17.4-26
CVE-2005-0868 affecting package tn5250 0.17.4-26. No patch is available...
7.3AI Score
0.002EPSS
CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20
CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20. No patch is available...
6.8AI Score
0.0004EPSS
CVE-2020-14383 affecting package samba 4.12.5-6
CVE-2020-14383 affecting package samba 4.12.5-6. No patch is available...
6.5CVSS
6.7AI Score
0.004EPSS
CVE-2020-14323 affecting package samba 4.12.5-6
CVE-2020-14323 affecting package samba 4.12.5-6. No patch is available...
5.5CVSS
6AI Score
0.001EPSS
CVE-2020-14318 affecting package samba 4.12.5-6
CVE-2020-14318 affecting package samba 4.12.5-6. No patch is available...
4.3CVSS
5.4AI Score
0.001EPSS
CVE-2021-21704 affecting package php 7.4.14-3
CVE-2021-21704 affecting package php 7.4.14-3. This CVE either no longer is or was never...
5.9CVSS
7AI Score
0.004EPSS
CVE-2007-3205 affecting package php 7.4.14-3
CVE-2007-3205 affecting package php 7.4.14-3. This CVE either no longer is or was never...
6.9AI Score
0.065EPSS
CVE-2011-1429 affecting package mutt 2.2.12-1
CVE-2011-1429 affecting package mutt 2.2.12-1. No patch is available...
6.4AI Score
0.003EPSS
CVE-2021-3571 affecting package linuxptp 2.0-8
CVE-2021-3571 affecting package linuxptp 2.0-8. This CVE either no longer is or was never...
7.1CVSS
7.1AI Score
0.003EPSS
CVE-2004-2779 affecting package libid3tag 0.15.1b-33
CVE-2004-2779 affecting package libid3tag 0.15.1b-33. No patch is available...
7.5CVSS
7.1AI Score
0.001EPSS
CVE-2017-1000231 affecting package ldns 1.7.0-31
CVE-2017-1000231 affecting package ldns 1.7.0-31. This CVE either no longer is or was never...
9.8CVSS
9.6AI Score
0.004EPSS
CVE-2017-6833 affecting package audiofile 0.3.6-27
CVE-2017-6833 affecting package audiofile 0.3.6-27. No patch is available...
5.5CVSS
5.8AI Score
0.007EPSS
CVE-2017-6829 affecting package audiofile 0.3.6-27
CVE-2017-6829 affecting package audiofile 0.3.6-27. No patch is available...
5.5CVSS
6.2AI Score
0.009EPSS
CVE-2017-6828 affecting package audiofile 0.3.6-27
CVE-2017-6828 affecting package audiofile 0.3.6-27. No patch is available...
7.8CVSS
7.7AI Score
0.005EPSS
CVE-2012-2653 affecting package arpwatch 2.1a15-51
CVE-2012-2653 affecting package arpwatch 2.1a15-51. No patch is available...
9.5AI Score
0.011EPSS
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...
7.5CVSS
7AI Score
0.001EPSS
CVE-2021-3738 affecting package samba 4.12.5-6
CVE-2021-3738 affecting package samba 4.12.5-6. No patch is available...
8.8CVSS
7.9AI Score
0.002EPSS
CVE-1999-1090 affecting package telnet 0.17-81
CVE-1999-1090 affecting package telnet 0.17-81. This CVE either no longer is or was never...
7.2AI Score
0.004EPSS
CVE-2021-3847 affecting package kernel 5.15.158.2-1
CVE-2021-3847 affecting package kernel 5.15.158.2-1. No patch is available...
7.8CVSS
7.7AI Score
0.0004EPSS
CVE-2021-3618 affecting package sendmail 8.15.2-46
CVE-2021-3618 affecting package sendmail 8.15.2-46. No patch is available...
7.4CVSS
8AI Score
0.001EPSS
CVE-2020-25719 affecting package samba 4.12.5-6
CVE-2020-25719 affecting package samba 4.12.5-6. No patch is available...
7.2CVSS
7.2AI Score
0.001EPSS
CVE-2016-2124 affecting package samba 4.12.5-6
CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...
5.9CVSS
6.8AI Score
0.002EPSS
CVE-2022-0529 affecting package unzip 6.0-20
CVE-2022-0529 affecting package unzip 6.0-20. No patch is available...
5.5CVSS
5.9AI Score
0.002EPSS
CVE-2021-43566 affecting package samba 4.12.5-6
CVE-2021-43566 affecting package samba 4.12.5-6. No patch is available...
2.5CVSS
4.2AI Score
0.001EPSS
CVE-1999-0902 affecting package ypserv 4.1-4
CVE-1999-0902 affecting package ypserv 4.1-4. No patch is available...
6.9AI Score
0.0004EPSS
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5
CVE-2020-17527 affecting package tomcat for versions less than 9.0.39-5. No patch is available...
7.5CVSS
7.8AI Score
0.003EPSS
CVE-2005-0469 affecting package telnet 0.17-81
CVE-2005-0469 affecting package telnet 0.17-81. No patch is available...
6.3AI Score
0.921EPSS
CVE-1999-0163 affecting package sendmail 8.15.2-46
CVE-1999-0163 affecting package sendmail 8.15.2-46. No patch is available...
6.8AI Score
0.0004EPSS
CVE-2021-3671 affecting package samba 4.12.5-6
CVE-2021-3671 affecting package samba 4.12.5-6. No patch is available...
6.5CVSS
7.7AI Score
0.005EPSS
CVE-2021-20277 affecting package samba 4.12.5-6
CVE-2021-20277 affecting package samba 4.12.5-6. No patch is available...
7.5CVSS
7.8AI Score
0.006EPSS
CVE-2021-20254 affecting package samba 4.12.5-6
CVE-2021-20254 affecting package samba 4.12.5-6. No patch is available...
6.8CVSS
6.4AI Score
0.004EPSS
CVE-2020-7071 affecting package php 7.4.14-3
CVE-2020-7071 affecting package php 7.4.14-3. This CVE either no longer is or was never...
5.3CVSS
6.6AI Score
0.006EPSS
CVE-2016-4912 affecting package openslp 2.0.0-26
CVE-2016-4912 affecting package openslp 2.0.0-26. No patch is available...
7.5CVSS
7.7AI Score
0.002EPSS
CVE-2018-10195 affecting package lrzsz 0.12.20-50
CVE-2018-10195 affecting package lrzsz 0.12.20-50. No patch is available...
7.1CVSS
7AI Score
0.0004EPSS
CVE-2020-8908 affecting package guava 25.0-5
CVE-2020-8908 affecting package guava 25.0-5. This CVE either no longer is or was never...
3.3CVSS
6.7AI Score
0.001EPSS
CVE-2002-0130 affecting package efax 0.9a-34
CVE-2002-0130 affecting package efax 0.9a-34. No patch is available...
6.9AI Score
0.0004EPSS
CVE-2007-6353 affecting package exiv2 0.28.0-1
CVE-2007-6353 affecting package exiv2 0.28.0-1. No patch is available...
6.4AI Score
0.021EPSS
CVE-2017-6839 affecting package audiofile 0.3.6-27
CVE-2017-6839 affecting package audiofile 0.3.6-27. No patch is available...
5.5CVSS
6.2AI Score
0.005EPSS