Lucene search

K

Professional Social Sharing Buttons, Icons & Related Posts – Shareaholic Security Vulnerabilities

nvd
nvd

CVE-2024-30931

Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a remote attacker to escalate privileges via the notifications.html...

EPSS

2024-06-25 10:15 PM
3
cve
cve

CVE-2024-30931

Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a remote attacker to escalate privileges via the notifications.html...

6.3AI Score

EPSS

2024-06-25 10:15 PM
3
malwarebytes
malwarebytes

Neiman Marcus confirms breach. Is the customer data already for sale?

Luxury retail chain Neiman Marcus has begun to inform customers about a cyberattack it discovered in May. The attacker compromised a database platform storing customers' personal information. The letter tells customers: “Promptly after learning of the issue, we took steps to contain it, including.....

7.5AI Score

2024-06-25 09:35 PM
2
redhatcve
redhatcve

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

7.1AI Score

EPSS

2024-06-25 07:50 PM
wordfence
wordfence

WordPress 6.5.5 Security Release – What You Need to Know

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

5.4AI Score

2024-06-25 03:38 PM
2
cve
cve

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

6.8AI Score

EPSS

2024-06-25 03:15 PM
3
nvd
nvd

CVE-2024-39362

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

EPSS

2024-06-25 03:15 PM
vulnrichment
vulnrichment

CVE-2024-39362 i2c: acpi: Unbind mux adapters before delete

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

7AI Score

EPSS

2024-06-25 02:22 PM
cvelist
cvelist

CVE-2024-39362 i2c: acpi: Unbind mux adapters before delete

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: Unbind mux adapters before delete There is an issue with ACPI overlay table removal specifically related to I2C multiplexers. Consider an ACPI SSDT Overlay that defines a PCA9548 I2C mux on an existing I2C bus. When...

EPSS

2024-06-25 02:22 PM
2
rapid7blog
rapid7blog

From Top Dogs to Unified Pack

Embracing a consolidated security ecosystem Authored by Ralph Wascow Cybersecurity is as unpredictable as it is rewarding. Each day often presents a new set of challenges and responsibilities, particularly as organizations accelerate digital transformation efforts. This means you and your cyber...

7.2AI Score

2024-06-25 01:30 PM
kitploit
kitploit

CloudBrute - Awesome Cloud Enumerator

A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. The complete writeup is available. here...

7.2AI Score

2024-06-25 12:30 PM
2
ics
ics

PTC Creo Elements/Direct License Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Creo Elements/Direct License Server Vulnerability: Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated remote...

8.1AI Score

EPSS

2024-06-25 12:00 PM
1
ics
ics

ABB Ability System 800xA

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Low attack complexity Vendor: ABB Equipment: 800xA Base Vulnerabilities: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause services to crash and restart. 3. TECHNICAL DETAILS 3.1...

5.7CVSS

7.3AI Score

0.0004EPSS

2024-06-25 12:00 PM
securelist
securelist

Cybersecurity in the SMB space — a growing threat

Small and medium-sized businesses (SMBs) are increasingly targeted by cybercriminals. Despite adopting digital technology for remote work, production, and sales, SMBs often lack robust cybersecurity measures. SMBs face significant cybersecurity challenges due to limited resources and expertise....

7.3AI Score

2024-06-25 10:00 AM
2
ibm
ibm

Security Bulletin: IBM Event Streams are vulnerable in terms of both confidentiality and integrity. (CVE-2024-20918, CVE-2024-20926, CVE-2024-20952).

Summary IBM Event Streams are vulnerable in terms of both confidentiality and integrity. Multiple Java components within IBM Event Streams are susceptible to these vulnerabilities, enabling remote attackers to execute malicious actions through these components. Vulnerability Details ** CVEID:...

7.4CVSS

7.1AI Score

0.001EPSS

2024-06-25 09:10 AM
8
thn
thn

WikiLeaks' Julian Assange Released from U.K. Prison, Heads to Australia

WikiLeaks founder Julian Assange has been freed in the U.K. and has departed the country after serving more than five years in a maximum security prison at Belmarsh for what was described by the U.S. government as the "largest compromises of classified information" in its history. Capping off a...

6.8AI Score

2024-06-25 05:03 AM
13
cve
cve

CVE-2024-6297

Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator...

10CVSS

9.7AI Score

0.001EPSS

2024-06-25 04:15 AM
15
nvd
nvd

CVE-2024-6297

Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator...

10CVSS

0.001EPSS

2024-06-25 04:15 AM
22
thn
thn

4 FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree

Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in a series of computer intrusions that caused over $71 million in losses to companies. The defendants, Ta Van Tai (aka Quynh Hoa and Bich Thuy), Nguyen Viet Quoc (aka Tien...

7AI Score

2024-06-25 03:52 AM
10
thn
thn

Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts

Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected malware attempts to create a new administrative user account and then sends those details back to the...

7.2AI Score

2024-06-25 03:32 AM
9
cvelist
cvelist

CVE-2024-6297 Several WordPress.org Plugins <= Various Versions - Injected Backdoor

Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator...

10CVSS

0.001EPSS

2024-06-25 03:30 AM
19
nessus
nessus

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1837)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-25 12:00 AM
3
nessus
nessus

RHEL 8 : [23.0] Security update for the 23.0 (RPMs) (Low) (RHSA-2024:4081)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4081 advisory. The quarkus-mandrel-java and quarkus-mandrel-23 packages provide the GraalVM installation for the quarkus/mandrel-23-rhel8:23.0 container...

3.7CVSS

6.9AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

FreeBSD : chromium -- multiple security fixes (2b68c86a-32d5-11ef-8a0f-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2b68c86a-32d5-11ef-8a0f-a8a1599412c6 advisory. Chrome Releases reports: This update includes 5 security fixes: Tenable has extracted the...

7.1AI Score

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

PyTorch < 2.2.2 RCE

The remote host contains a torchserve version that is prior to 2.2.2. It is, therefore, affected by a remote code execution vulnerability. A vulnerability in the PyTorch's torch.distributed.rpc framework, specifically in versions prior to 2.2.2, allows for remote code execution (RCE). The...

10CVSS

8.3AI Score

0.0004EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1816)

The remote host is missing an update for the Huawei...

7.8CVSS

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
1
almalinux
almalinux

Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

7.8CVSS

7.6AI Score

0.0005EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1822)

The remote host is missing an update for the Huawei...

7.8CVSS

7.5AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 9 : python3.11 (RHSA-2024:4077)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4077 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...

7.8CVSS

6.9AI Score

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 7 : kpatch-patch (RHSA-2024:4073)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4073 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security...

7.8CVSS

7.6AI Score

0.011EPSS

2024-06-25 12:00 AM
osv
osv

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-25 12:00 AM
oraclelinux
oraclelinux

git security update

[2.43.5-1] - Update to 2.43.5 - Related: RHEL-36402, RHEL-36414 [2.43.4-1] - Update to 2.43.4 - Resolves: RHEL-36402,...

9CVSS

9.4AI Score

0.001EPSS

2024-06-25 12:00 AM
oraclelinux
oraclelinux

git security update

[2.43.5-1] - Update to 2.43.5 - Related: RHEL-36399, RHEL-36411 [2.43.4-1] - Update to 2.43.4 - Resolves: RHEL-36399,...

9CVSS

9.4AI Score

0.001EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1837)

The remote host is missing an update for the Huawei...

7.8CVSS

7.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
almalinux
almalinux

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1816)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-25 12:00 AM
3
nessus
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2185-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2185-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: .....

9.8CVSS

8.2AI Score

0.005EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2024-1822)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and...

7.8CVSS

7.3AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 9 : kpatch-patch (RHSA-2024:4074)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4074 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security...

7.8CVSS

7.6AI Score

0.011EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 8 : git (RHSA-2024:4084)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4084 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...

9CVSS

7.2AI Score

0.001EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2024-1843)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and...

7.8CVSS

7.4AI Score

0.0005EPSS

2024-06-25 12:00 AM
osv
osv

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to...

9CVSS

9.1AI Score

0.001EPSS

2024-06-25 12:00 AM
osv
osv

Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

7.8CVSS

7.6AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 8 : [23.1] Security update for the 23.1 (RPMs) (Low) (RHSA-2024:4079)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4079 advisory. The quarkus-mandrel-java and quarkus-mandrel-231 packages provide the GraalVM installation for the quarkus/mandrel-for-jdk-21-rhel8:23.1...

3.7CVSS

6.9AI Score

0.0005EPSS

2024-06-25 12:00 AM
cvelist
cvelist

CVE-2024-30931

Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a remote attacker to escalate privileges via the notifications.html...

EPSS

2024-06-25 12:00 AM
almalinux
almalinux

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to...

9CVSS

9.1AI Score

0.001EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1843)

The remote host is missing an update for the Huawei...

7.8CVSS

7.5AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 8 : kpatch-patch (RHSA-2024:4075)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4075 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security...

7.8CVSS

7.4AI Score

0.011EPSS

2024-06-25 12:00 AM
osv
osv

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to...

9CVSS

9.1AI Score

0.001EPSS

2024-06-25 12:00 AM
nessus
nessus

RHEL 9 : git (RHSA-2024:4083)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4083 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...

9CVSS

7.2AI Score

0.001EPSS

2024-06-25 12:00 AM
Total number of security vulnerabilities222745