7.4AI Score
EPSS
Mozilla Firefox Security Update (mfsa_2024-23_2024-26) - Windows
Mozilla Firefox is prone to multiple ...
6.7AI Score
0.0004EPSS
RHEL 8 : dnsmasq (RHSA-2024:3929)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3929 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol)...
7.5CVSS
8.4AI Score
0.05EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cups (SUSE-SU-2024:2003-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2003-1 advisory. - CVE-2024-35235: Fixed a bug in cupsd that could allow an attacker to change the permissions of...
4.4CVSS
4.7AI Score
0.0004EPSS
Mozilla Firefox Security Update (mfsa_2024-23_2024-26) - Mac OS X
Mozilla Firefox is prone to multiple ...
6.7AI Score
0.0004EPSS
RHEL 8 : dnsmasq (RHSA-2024:3877)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3877 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol)...
7.5CVSS
8.2AI Score
0.05EPSS
4.4CVSS
4.9AI Score
0.0004EPSS
SUSE SLES12 Security Update : cups (SUSE-SU-2024:2002-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2002-1 advisory. - CVE-2024-35235: Fixed a bug in cupsd that could allow an attacker to change the permissions of other files in the system....
4.4CVSS
4.6AI Score
0.0004EPSS
Fedora 39 : php (2024-52c23ef1ec)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-52c23ef1ec advisory. PHP version 8.2.20 (06 Jun 2024) CGI: * Fixed buffer limit on Windows, replacing read call usage by _read. (David Carlier) * Fixed bug...
9.8CVSS
8.8AI Score
0.973EPSS
RHEL 9 : expat (RHSA-2024:3926)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3926 advisory. Expat is a C library for parsing XML documents. Security Fix(es): * expat: parsing large tokens can trigger a denial of service...
7.5CVSS
10AI Score
0.001EPSS
Microsoft Edge (Chromium) < 126.0.2592.56 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 126.0.2592.56. It is, therefore, affected by multiple vulnerabilities as referenced in the June 13, 2024 advisory. Microsoft Edge (Chromium-based) Spoofing Vulnerability (CVE-2024-30058, CVE-2024-38083) Type...
8.8CVSS
8.8AI Score
0.001EPSS
Google Chrome Security Update (stable-channel-update-for-desktop-2024-06) - Linux
Google Chrome is prone to multiple ...
8.8CVSS
8.8AI Score
0.001EPSS
7.8CVSS
7.3AI Score
0.0004EPSS
7.8CVSS
7.4AI Score
0.0005EPSS
4.4CVSS
4.9AI Score
0.0004EPSS
Fedora: Security Advisory for php (FEDORA-2024-52c23ef1ec)
The remote host is missing an update for...
9.8CVSS
10AI Score
0.973EPSS
Mozilla Firefox ESR Security Update (mfsa_2024-23_2024-26) - Mac OS X
Firefox ESR is prone to multiple ...
6.6AI Score
0.0004EPSS
Adobe Photoshop Arbitrary Code Execution Vulnerability (APSB24-27) - Windows
Adobe Photoshop is prone to an arbitrary code execution...
7.8CVSS
7.9AI Score
0.001EPSS
Adobe Media Encoder Memory Leak Vulnerability (APSB24-34) - Windows
Adobe Media Encoder is prone to a memory leak...
5.5CVSS
6.8AI Score
0.001EPSS
7.4AI Score
EPSS
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2005-1 advisory. Security Update 550.90.07: - CVE-2024-0090: Fixed out of bounds write (bsc#1223356). - CVE-2024-0092: Fixed incorrect exception...
7.8CVSS
7AI Score
0.0004EPSS
Fedora: Security Advisory for tomcat (FEDORA-2024-2bf73514cd)
The remote host is missing an update for...
7.3AI Score
0.0004EPSS
Creative Cloud Desktop Application Arbitrary Code Execution Vulnerability APSB24-44 (Windows)
Adobe Creative Cloud Desktop Application is prone to an arbitrary code execution...
5.5CVSS
7.8AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
5.5CVSS
5.6AI Score
0.001EPSS
7.4AI Score
0.0004EPSS
RHEL 8 / 9 : OpenShift Container Platform 4.14.29 (RHSA-2024:3700)
The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3700 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...
8.1CVSS
7.3AI Score
0.0004EPSS
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2024:2012-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2012-1 advisory. - Update to version 115.12.0 ESR (bsc#1226027) - CVE-2024-5702: Use-after-free in networking - CVE-2024-5688: Use-after-free in...
7.5AI Score
0.0004EPSS
8.1CVSS
7.1AI Score
0.0004EPSS
Google Chrome Security Update (stable-channel-update-for-desktop-2024-06) - Windows
Google Chrome is prone to multiple ...
8.8CVSS
8.8AI Score
0.001EPSS
Adobe Audition Multiple Vulnerabilities (APSB24-32) - Windows
Adobe Audition is prone to multiple ...
5.5CVSS
7AI Score
0.001EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2008-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were...
9.8CVSS
8.8AI Score
EPSS
Adobe Photoshop Arbitrary Code Execution Vulnerability (APSB24-27) - Mac OS X
Adobe Photoshop is prone to an arbitrary code execution...
7.8CVSS
7.9AI Score
0.001EPSS
Summary There is a vulnerability in Java on z/OS used by IBM Maximo Asset Management application. Vulnerability Details ** CVEID: CVE-2024-3933 DESCRIPTION: **Eclipse Openj9 could allow a local authenticated attacker to bypass security restrictions, caused by the failure to restrict access to a...
5.3CVSS
6.9AI Score
0.0004EPSS
Ivanti EPM - Remote Code Execution
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
9.6CVSS
9.9AI Score
0.001EPSS
Summary There is a vulnerability in tinymce-6.7.3.min.js used by IBM Maximo Asset Management application. Vulnerability Details ** CVEID: CVE-2024-29203 DESCRIPTION: **TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the iframe elements. A...
4.3CVSS
6.8AI Score
0.0004EPSS
Summary There is a vulnerability in tinymce-6.7.3.min.js used by IBM Maximo Asset Management application. (CVE-2024-29881). Vulnerability Details ** CVEID: CVE-2024-29881 DESCRIPTION: **TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...
4.3CVSS
6.9AI Score
0.0004EPSS
Summary IBM Maximo Asset Management application is vulnerable to sensitive information disclosure. Vulnerability Details ** CVEID: CVE-2024-22333 DESCRIPTION: **IBM Maximo Asset Management allows web pages to be stored locally which can be read by another user on the system. CVSS Base score: 4...
4CVSS
6.2AI Score
0.0004EPSS
Summary IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to sensitive information disclosure. Vulnerability Details ** CVEID: CVE-2024-22333 DESCRIPTION: **IBM Maximo Asset Management allows web pages to be stored locally which can be read by another user on the system......
4CVSS
6.1AI Score
0.0004EPSS
SolarWinds Serv-U Unauthenticated Arbitrary File Read
This module exploits an unauthenticated file read vulnerability, due to directory traversal, affecting SolarWinds Serv-U FTP Server 15.4, Serv-U Gateway 15.4, and Serv-U MFT Server 15.4. All versions prior to the vendor supplied hotfix "15.4.2 Hotfix 2" (version 15.4.2.157) are...
8.6CVSS
7.3AI Score
0.343EPSS
Introducing the 0-day Threat Hunt Bug Bounty Promo Through July 11th, 2024!
At Wordfence our mission is to Secure The Web. WordPress powers over 40% of the Web, and Wordfence secures over 5 million WordPress websites. That's why we’ve decided to run another exciting and new promotion for our Bug Bounty Program. With this promotion, our goal is to get more of the highest...
7.8AI Score
Summary IBM Maximo Application Suite uses bcprov-jdk18on-1.74.jar which is vulnerable to CVE-2024-30171.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-30171 DESCRIPTION: **The Bouncy Castle Crypto Package For Java could...
6.4AI Score
0.0004EPSS
Summary IBM Maximo Application Suite Predict Component IBM WebSphere Application Server Liberty is vulnerable to a denial of service which is vulnerable toCVE-2024-25026 .This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-25026 ....
5.9CVSS
7AI Score
0.0004EPSS
Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to an XML External Entity (XXE) injection vulnerability (CVE-2024-22354).This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details **...
7CVSS
7.1AI Score
0.0004EPSS
Summary IBM Maximo Application Suite Predict Component uses: webSphere Application Server Liberty is vulnerable to a server-side request forgery (SSRF) vulnerability which is vulnerable to CVE-2024-22329. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability....
4.3CVSS
6.3AI Score
0.0004EPSS
Summary IBM Maximo Application Suite Predict Component uses :IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to jose4j which is vulnerable to CVE-2023-51775. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details **...
7.2AI Score
0.0004EPSS
Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service which is vulnerable to CVE-2024-27268 .This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID:...
5.9CVSS
7AI Score
0.0004EPSS
Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service when using the openidConnectClient-1.0 or socialLogin-1.0 feature which is vulnerable toCVE-2024-22353.This bulletin contains information regarding the...
7.5CVSS
7.1AI Score
0.0004EPSS
Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting (CVE-2024-27270). This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-27270 DESCRIPTION:...
4.7CVSS
5.9AI Score
0.0004EPSS
Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2023-50312.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2023-50312 DESCRIPTION: **IBM WebSphere...
5.3CVSS
6.4AI Score
0.0004EPSS