Summary: IBM Event Streams is vulnerable to a denial of service (DoS) due to the Eclipse Jetty component. Eclipse Jetty provides a Web server and javax.servlet container, plus support for Web Sockets, OSGi, JMX, JNDI, JASPI, AJP and many other integrations. Vulnerability Details: CVEID:...
7 AI Score
0.002 EPSS
Progress OpenEdge 11.7.x < 11.7.19 / 12.2.x < 12.2.13 / 12.8.x < 12.8.1 (000253075)
The version of Progress OpenEdge installed on the remote host is prior to 11.7.19, 12.2.13, or 12.8.1. It is, therefore, affected by a vulnerability as referenced in the 000253075 advisory. In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms ...
7.7 AI Score
K000138931 : Intel CPU vulnerability CVE-2023-32666
Security Advisory Description: On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2023-32666) Impact....
7.2 CVSS
7.4 AI Score
0.0004 EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 4, 2024 to March 10, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 74 vulnerabilities disclosed in 56 WordPress.....
9.9 CVSS
8.9 AI Score
0.0004 EPSS
Elements Plus! < 2.16.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via widget links
Description: The Elements Plus! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widget link URLs in all versions up to, and including, 2.16.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
5.9 AI Score
0.0004 EPSS
A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the ppp_ma process, resulting in a denial of service (DoS) condition. This vulnerability...
7.4 CVSS
7.4 AI Score
0.0004 EPSS
A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the ppp_ma process, resulting in a denial of service (DoS) condition. This vulnerability...
7.4 CVSS
7.2 AI Score
0.0004 EPSS
A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the ppp_ma process, resulting in a denial of service (DoS) condition. This vulnerability...
6.9 AI Score
0.0004 EPSS
The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the user_meta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level...
5.3 CVSS
6.7 AI Score
0.0004 EPSS
The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the user_meta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level...
5.3 CVSS
6.9 AI Score
0.0004 EPSS
A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the ppp_ma process, resulting in a denial of service (DoS) condition. This vulnerability...
7.2 AI Score
0.0004 EPSS
The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the user_meta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level...
6.1 AI Score
0.0004 EPSS
Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2024-1345)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
K000138895 : BIND vulnerability CVE-2023-5679
Security Advisory Description: A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through.....
7.5 CVSS
7 AI Score
0.001 EPSS
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1317)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1339)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1343)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2024-1323)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1321)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1316)
The remote host is missing an update for the Huawei...
6.6 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1338)
The remote host is missing an update for the Huawei...
6.6 AI Score
0.962 EPSS
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:0855-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0855-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free...
7.9 AI Score
EulerOS 2.0 SP11 : openssh (EulerOS-SA-2024-1241)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.9 AI Score
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1216)
The remote host is missing an update for the Huawei...
6.6 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2024-1244)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
EulerOS 2.0 SP11 : libssh (EulerOS-SA-2024-1238)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.3 AI Score
Huawei EulerOS: Security Advisory for python-paramiko (EulerOS-SA-2024-1246)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1219)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1241)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
EulerOS 2.0 SP10 : proftpd (EulerOS-SA-2024-1323)
According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.3 AI Score
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1286)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1238)
The remote host is missing an update for the Huawei...
6.6 AI Score
0.962 EPSS
EulerOS 2.0 SP10 : libssh (EulerOS-SA-2024-1338)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.3 AI Score
EulerOS 2.0 SP10 : libssh2 (EulerOS-SA-2024-1317)
According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.3 AI Score
Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2024-1222)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1239)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1217)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
EulerOS 2.0 SP10 : openssh (EulerOS-SA-2024-1321)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.8 AI Score
EulerOS 2.0 SP11 : python-paramiko (EulerOS-SA-2024-1246)
According to the versions of the python-paramiko package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...
7.3 AI Score
EulerOS 2.0 SP11 : proftpd (EulerOS-SA-2024-1222)
According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.5 AI Score
EulerOS 2.0 SP11 : libssh2 (EulerOS-SA-2024-1239)
According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.4 AI Score
Huawei EulerOS: Security Advisory for python-paramiko (EulerOS-SA-2024-1224)
The remote host is missing an update for the Huawei...
6.7 AI Score
0.962 EPSS
EulerOS 2.0 SP11 : python-paramiko (EulerOS-SA-2024-1224)
According to the versions of the python-paramiko package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...
7.3 AI Score
EulerOS 2.0 SP8 : openssh (EulerOS-SA-2024-1286)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.9 AI Score
EulerOS 2.0 SP11 : libssh (EulerOS-SA-2024-1216)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.3 AI Score
EulerOS 2.0 SP11 : proftpd (EulerOS-SA-2024-1244)
According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.4 AI Score
EulerOS 2.0 SP10 : libssh (EulerOS-SA-2024-1316)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.3 AI Score
EulerOS 2.0 SP10 : libssh2 (EulerOS-SA-2024-1339)
According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.4 AI Score
EulerOS 2.0 SP10 : proftpd (EulerOS-SA-2024-1345)
According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.3 AI Score
EulerOS 2.0 SP11 : libssh2 (EulerOS-SA-2024-1217)
According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
7.4 AI Score