Lucene search

K

P10, P10 Plus Security Vulnerabilities

nvd
nvd

CVE-2024-21791

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this...

4.7CVSS

5.4AI Score

0.0004EPSS

2024-05-22 06:15 PM
1
cve
cve

CVE-2024-21791

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this...

4.7CVSS

8.1AI Score

0.0004EPSS

2024-05-22 06:15 PM
26
cvelist
cvelist

CVE-2024-21791 SQL Injection in ADAudit Plus

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this...

4.7CVSS

5.4AI Score

0.0004EPSS

2024-05-22 06:05 PM
1
vulnrichment
vulnrichment

CVE-2024-21791 SQL Injection in ADAudit Plus

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this...

4.7CVSS

8.1AI Score

0.0004EPSS

2024-05-22 06:05 PM
1
kitploit
kitploit

Above - Invisible Network Protocol Sniffer

Invisible protocol sniffer for finding vulnerabilities in the network. Designed for pentesters and security engineers. Above: Invisible network protocol sniffer Designed for pentesters and security engineers Author: Magama Bazarov, <[email protected]> Pseudonym: Caster Version: 2.6 ...

7.1AI Score

2024-05-22 12:30 PM
32
malwarebytes
malwarebytes

Microsoft AI “Recall” feature records everything, secures far less

Developing an AI-powered threat to security, privacy, and identity is certainly a choice, but it's one that Microsoft was willing to make this week at its “Build” developer conference. On Monday, the computing giant unveiled a new line of PCs that integrate Artificial Intelligence (AI) technology.....

6.8AI Score

2024-05-22 09:14 AM
9
nvd
nvd

CVE-2021-47267

In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usb_assign_descriptors() is called with 5 parameters, the last 4 of which are the usb_descriptor_header for: full-speed (USB1.1 - 12Mbps [including USB1.0 low-speed @ 1.5Mbps), ...

6.3AI Score

0.0004EPSS

2024-05-21 03:15 PM
2
debiancve
debiancve

CVE-2021-47267

In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usb_assign_descriptors() is called with 5 parameters, the last 4 of which are the usb_descriptor_header for: full-speed (USB1.1 - 12Mbps [including USB1.0 low-speed @...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
5
cve
cve

CVE-2021-47267

In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usb_assign_descriptors() is called with 5 parameters, the last 4 of which are the usb_descriptor_header for: full-speed (USB1.1 - 12Mbps [including USB1.0 low-speed @ 1.5Mbps), ...

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
30
cvelist
cvelist

CVE-2021-47267 usb: fix various gadget panics on 10gbps cabling

In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usb_assign_descriptors() is called with 5 parameters, the last 4 of which are the usb_descriptor_header for: full-speed (USB1.1 - 12Mbps [including USB1.0 low-speed @ 1.5Mbps), ...

6.3AI Score

0.0004EPSS

2024-05-21 02:19 PM
vulnrichment
vulnrichment

CVE-2021-47267 usb: fix various gadget panics on 10gbps cabling

In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usb_assign_descriptors() is called with 5 parameters, the last 4 of which are the usb_descriptor_header for: full-speed (USB1.1 - 12Mbps [including USB1.0 low-speed @ 1.5Mbps), ...

6.7AI Score

0.0004EPSS

2024-05-21 02:19 PM
thn
thn

Five Core Tenets Of Highly Effective DevSecOps Practices

One of the enduring challenges of building modern applications is to make them more secure without disrupting high-velocity DevOps processes or degrading the developer experience. Today's cyber threat landscape is rife with sophisticated attacks aimed at all different parts of the software supply.....

7.2AI Score

2024-05-21 11:33 AM
1
ubuntucve
ubuntucve

CVE-2021-47267

In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usb_assign_descriptors() is called with 5 parameters, the last 4 of which are the usb_descriptor_header for: full-speed (USB1.1 - 12Mbps [including USB1.0 low-speed @ 1.5Mbps),...

6.4AI Score

0.0004EPSS

2024-05-21 12:00 AM
5
f5
f5

K000139698: Python vulnerabilities CVE-2016-5636, and CVE-2023-36632

Security Advisory Description CVE-2016-5636 Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based...

8.3AI Score

0.028EPSS

2024-05-21 12:00 AM
15
f5
f5

K000139700: Linux kernel usbmon vulnerability CVE-2022-43750

Security Advisory Description drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. (CVE-2022-43750) Impact This vulnerability may allow an attacker with local access to gain improper...

7.1AI Score

0.0004EPSS

2024-05-21 12:00 AM
4
trellix
trellix

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR - Part 2

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR - Part 2 By Chintan Shah, Maulik Maheta · May 21, 2024 Executive summary In the part 1 of this series we discussed in depth about the known Lateral movement attacks like abusing weak service permissions (T1574.011), NTDS.dit file.....

7.9AI Score

2024-05-21 12:00 AM
8
f5
f5

K000139691: Python vulnerabilities CVE-2022-48565, CVE-2018-1000802 and CVE-2016-9063

Security Advisory Description CVE-2022-48565 An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. CVE-2018-1000802 Python Software Foundation Python (CPython)...

8.4AI Score

0.01EPSS

2024-05-21 12:00 AM
17
f5
f5

K000139685: Python vulnerability CVE-2023-40217

Security Advisory Description An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into...

7AI Score

0.0005EPSS

2024-05-21 12:00 AM
6
cve
cve

CVE-2023-49335

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server...

8.3CVSS

7.9AI Score

0.0004EPSS

2024-05-20 06:15 PM
30
nvd
nvd

CVE-2023-49335

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server...

8.3CVSS

8.8AI Score

0.0004EPSS

2024-05-20 06:15 PM
1
cve
cve

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file...

8.3CVSS

7.9AI Score

0.0004EPSS

2024-05-20 06:15 PM
34
cve
cve

CVE-2023-49333

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph...

8.3CVSS

7.8AI Score

0.0004EPSS

2024-05-20 06:15 PM
27
nvd
nvd

CVE-2023-49334

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary...

8.3CVSS

8.7AI Score

0.0004EPSS

2024-05-20 06:15 PM
cve
cve

CVE-2023-49331

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search...

8.3CVSS

7.8AI Score

0.0004EPSS

2024-05-20 06:15 PM
28
cve
cve

CVE-2023-49334

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary...

8.3CVSS

8.1AI Score

0.0004EPSS

2024-05-20 06:15 PM
31
nvd
nvd

CVE-2023-49331

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search...

8.3CVSS

8.7AI Score

0.0004EPSS

2024-05-20 06:15 PM
nvd
nvd

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file...

8.3CVSS

8.8AI Score

0.0004EPSS

2024-05-20 06:15 PM
1
nvd
nvd

CVE-2023-49333

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph...

8.3CVSS

8.7AI Score

0.0004EPSS

2024-05-20 06:15 PM
1
vulnrichment
vulnrichment

CVE-2023-49335

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server...

8.3CVSS

8AI Score

0.0004EPSS

2024-05-20 05:55 PM
cvelist
cvelist

CVE-2023-49335

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server...

8.3CVSS

8.8AI Score

0.0004EPSS

2024-05-20 05:55 PM
1
cvelist
cvelist

CVE-2023-49334

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary...

8.3CVSS

8.7AI Score

0.0004EPSS

2024-05-20 05:55 PM
vulnrichment
vulnrichment

CVE-2023-49334

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary...

8.3CVSS

8.1AI Score

0.0004EPSS

2024-05-20 05:55 PM
vulnrichment
vulnrichment

CVE-2023-49333

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph...

8.3CVSS

7.9AI Score

0.0004EPSS

2024-05-20 05:51 PM
2
cvelist
cvelist

CVE-2023-49333

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph...

8.3CVSS

8.7AI Score

0.0004EPSS

2024-05-20 05:51 PM
vulnrichment
vulnrichment

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file...

8.3CVSS

8AI Score

0.0004EPSS

2024-05-20 05:45 PM
1
cvelist
cvelist

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file...

8.3CVSS

8.8AI Score

0.0004EPSS

2024-05-20 05:45 PM
cvelist
cvelist

CVE-2023-49331

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search...

8.3CVSS

8.7AI Score

0.0004EPSS

2024-05-20 05:35 PM
vulnrichment
vulnrichment

CVE-2023-49331

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search...

8.3CVSS

7.9AI Score

0.0004EPSS

2024-05-20 05:35 PM
githubexploit
githubexploit

Exploit for Improper Restriction of Excessive Authentication Attempts in Netgate Pfsense Plus

[CVE-2023-27100 - pfSense Anti-brute force protection bypass]...

9.8CVSS

7.3AI Score

0.002EPSS

2024-05-20 01:35 PM
109
cve
cve

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report...

8.3CVSS

8.1AI Score

0.0004EPSS

2024-05-20 01:15 PM
25
nvd
nvd

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report...

8.3CVSS

8.8AI Score

0.0004EPSS

2024-05-20 01:15 PM
vulnrichment
vulnrichment

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report...

8.3CVSS

8.2AI Score

0.0004EPSS

2024-05-20 12:19 PM
1
cvelist
cvelist

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report...

8.3CVSS

8.8AI Score

0.0004EPSS

2024-05-20 12:19 PM
2
f5
f5

K000139680: MySQL2 vulnerability CVE-2024-21508

Security Advisory Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. (CVE-2024-21508) Impact There is no impact; F5 products are not...

7.8AI Score

0.0004EPSS

2024-05-20 12:00 AM
7
f5
f5

K000139682: Speculative race conditions vulnerabilities CVE-2024-2193 and CVE-2024-26602

Security Advisory Description CVE-2024-2193 A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data...

5.5AI Score

0.0004EPSS

2024-05-20 12:00 AM
10
f5
f5

K000139678: MySQL Server vulnerability CVE-2024-21055

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

6AI Score

0.0004EPSS

2024-05-20 12:00 AM
7
f5
f5

K000139684: AMD processors vulnerability CVE-2023-20569

Security Advisory Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. (CVE-2023-20569) Impact...

6.3AI Score

0.0004EPSS

2024-05-20 12:00 AM
5
f5
f5

K000139692: Websense vulnerabilities CVE-2006-2035 and CVE-2010-5144

Security Advisory Description CVE-2006-2035 Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL. CVE-2010-5144 The ISAPI Filter plug-in in Websense...

7.1AI Score

0.002EPSS

2024-05-20 12:00 AM
3
wired
wired

US Official Warns a Cell Network Flaw Is Being Exploited for Spying

Plus: Three arrested in North Korean IT workers fraud ring, Tesla staffers shared videos from owners’ cars, and...

7.3AI Score

2024-05-18 10:00 AM
10
nvd
nvd

CVE-2023-47178

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro allows PHP Local File Inclusion.This issue affects The Plus Addons for Elementor Pro: from n/a through...

8.6CVSS

8.7AI Score

0.0004EPSS

2024-05-17 09:15 AM
2
Total number of security vulnerabilities14815