Lucene search

K

R-30iB Plus, R-30iB Mate Plus, R-30iB Compact Plus, R-30iB Mini Plus Security Vulnerabilities

nvd
nvd

CVE-2023-49774

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through...

5.3CVSS

5.2AI Score

0.0004EPSS

2024-06-04 12:15 PM
cve
cve

CVE-2023-49774

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through...

5.3CVSS

7AI Score

0.0004EPSS

2024-06-04 12:15 PM
10
ics
ics

Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update C)

EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, Q, and L Series CPU Module; MELIPC Series CPU Vulnerability: Improper Resource Locking 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.5CVSS

7.9AI Score

0.003EPSS

2024-06-04 12:00 PM
31
ics
ics

Fuji Electric Monitouch V-SFT (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Monitouch V-SFT Vulnerabilities: Out-of-Bounds Write, Stack-Based Buffer Overflow, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

9.8CVSS

8.2AI Score

0.001EPSS

2024-06-04 12:00 PM
1
ics
ics

Uniview NVR301-04S2-P4

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits available Vendor: Uniview Equipment: NVR301-04S2-P4 Vulnerability: Cross-site Scripting 2. RISK EVALUATION An attacker could send a user a URL that if clicked on could execute...

5.4CVSS

6.9AI Score

0.0004EPSS

2024-06-04 12:00 PM
ics
ics

Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: CC-Link IE TSN Industrial Managed Switch Vulnerabilities: Observable Timing Discrepancy, Double Free 2. RISK EVALUATION Successful exploitation of these...

7.5CVSS

8.2AI Score

0.002EPSS

2024-06-04 12:00 PM
15
githubexploit
githubexploit

Exploit for Authentication Bypass by Spoofing in Telerik Report Server 2024

CVE-2024-4358 An Vulnerability detection and Mass...

9.8CVSS

9.7AI Score

0.938EPSS

2024-06-04 11:32 AM
164
cvelist
cvelist

CVE-2023-49774 WordPress WP Photo Album Plus plugin <= 8.5.02.005 - IP Bypass vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through...

5.3CVSS

5.2AI Score

0.0004EPSS

2024-06-04 11:23 AM
1
osv
osv

BIT-nginx-2024-24989

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate.Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

7.5CVSS

6.2AI Score

0.0004EPSS

2024-06-04 09:50 AM
7
osv
osv

BIT-nginx-2024-24990

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate.Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

7.5CVSS

6.2AI Score

0.0004EPSS

2024-06-04 09:50 AM
18
osv
osv

BIT-nginx-2024-31079

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacker....

4.8CVSS

6AI Score

0.0004EPSS

2024-06-04 09:50 AM
2
osv
osv

BIT-nginx-2024-32760

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential...

6.5CVSS

6.1AI Score

0.0004EPSS

2024-06-04 09:49 AM
2
osv
osv

BIT-nginx-2024-34161

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed...

5.3CVSS

5.9AI Score

0.0004EPSS

2024-06-04 09:49 AM
1
osv
osv

BIT-nginx-2024-35200

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to...

5.3CVSS

6AI Score

0.0004EPSS

2024-06-04 09:49 AM
2
githubexploit
githubexploit

Exploit for Code Injection in Openplcproject Openplc V3 Firmware

CVE-2021-31630 Modified the PoC...

8.8CVSS

6.6AI Score

0.006EPSS

2024-06-04 12:44 AM
138
nessus
nessus

Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : libarchive vulnerability (USN-6805-1)

The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6805-1 advisory. It was discovered that libarchive incorrectly handled certain RAR archive files. An attacker could possibly use this issue to execute...

7.8CVSS

8.5AI Score

0.001EPSS

2024-06-04 12:00 AM
zdt

7.4AI Score

2024-06-04 12:00 AM
64
f5
f5

K000139897: Linux kernel vulnerability CVE-2023-42753

Security Advisory Description An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-&gt;nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer...

7.8CVSS

6.4AI Score

0.0004EPSS

2024-06-04 12:00 AM
4
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0207)

The remote host is missing an update for...

7.9CVSS

6.5AI Score

0.0004EPSS

2024-06-04 12:00 AM
2
zdt

7.4AI Score

2024-06-04 12:00 AM
55
mageia
mageia

Updated microcode packages fix security vulnerabilities

The updated package fixes security vulnerabilities: Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. (CVE-2023-45733) Sequence of processor instructions leads to unexpected...

7.9CVSS

6.3AI Score

0.0004EPSS

2024-06-03 09:30 PM
5
mssecure
mssecure

Microsoft is named a leader in the Forrester Wave for XDR

“Defenders think in lists, attackers think in graphs.”1 This remains a reality for the many organizations that operate across siloed security tools, fueling the demand on security operations (SOC) teams, as advanced cyberattacks continue to increase in frequency and speed. That’s where extended...

6.8AI Score

2024-06-03 04:00 PM
1
redhatcve
redhatcve

CVE-2024-36895

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: use correct buffer size when parsing configfs lists This commit fixes uvc gadget support on 32-bit platforms. Commit 0df28607c5cb ("usb: gadget: uvc: Generalise helper functions for reuse") introduced a helper...

6.7AI Score

0.0004EPSS

2024-06-03 01:32 PM
2
githubexploit

8.6CVSS

6.5AI Score

0.945EPSS

2024-06-03 01:30 PM
73
redhatcve
redhatcve

CVE-2024-36928

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...

6.5AI Score

0.0004EPSS

2024-06-03 12:33 PM
2
kitploit
kitploit

Startup-SBOM - A Tool To Reverse Engineer And Inspect The RPM And APT Databases To List All The Packages Along With Executables, Service And Versions

This is a simple SBOM utility which aims to provide an insider view on which packages are getting executed. The process and objective is simple we can get a clear perspective view on the packages installed by APT (currently working on implementing this for RPM and other package managers). This is.....

7.2AI Score

2024-06-03 12:30 PM
6
debiancve
debiancve

CVE-2024-36963

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

6.8AI Score

0.0004EPSS

2024-06-03 08:15 AM
4
nvd
nvd

CVE-2024-36963

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

6.6AI Score

0.0004EPSS

2024-06-03 08:15 AM
1
cve
cve

CVE-2024-36963

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

6.8AI Score

0.0004EPSS

2024-06-03 08:15 AM
26
cvelist
cvelist

CVE-2024-36963 tracefs: Reset permissions on remount if permissions are options

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

6.6AI Score

0.0004EPSS

2024-06-03 07:50 AM
1
vulnrichment
vulnrichment

CVE-2024-36963 tracefs: Reset permissions on remount if permissions are options

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

7AI Score

0.0004EPSS

2024-06-03 07:50 AM
f5
f5

K000139877: Linux kernel vulnerabilities CVE-2021-47076 and CVE-2021-47080

Security Advisory Description CVE-2021-47076 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Return CQE error if invalid lkey was supplied RXE is missing update of WQE status in LOCAL_WRITE failures. This caused the following kernel panic if someone sent an atomic...

5.6AI Score

0.0004EPSS

2024-06-03 12:00 AM
5
f5
f5

K000139880: Intel CPU/BIOS vulnerabilities CVE-2023-28402, CVE-2023-27504, and CVE-2023-28383

Security Advisory Description CVE-2023-28402 Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-27504 Improper conditions check in some Intel(R) BIOS Guard firmware may allow a...

7.2CVSS

6.5AI Score

0.0004EPSS

2024-06-03 12:00 AM
5
nessus
nessus

RHEL 7 : coreutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. coreutils: memory corruption flaw in parse_datetime() (CVE-2014-9471) coreutils: Non-privileged session...

6.5CVSS

6.3AI Score

0.018EPSS

2024-06-03 12:00 AM
nessus
nessus

RHEL 8 : kernel (RHSA-2024:3528)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3528 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: NULL pointer dereference...

7.8CVSS

8.2AI Score

0.011EPSS

2024-06-03 12:00 AM
1
nessus
nessus

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1788)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...

8CVSS

8.3AI Score

EPSS

2024-06-03 12:00 AM
nessus
nessus

RHEL 5 : microcode_ctl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. hw: Intel SGX information leak (CVE-2019-0117) Improper conditions check in the voltage modulation...

6CVSS

6.7AI Score

0.0004EPSS

2024-06-03 12:00 AM
packetstorm

7.4AI Score

2024-06-03 12:00 AM
57
f5
f5

K000139876: Linux kernel vulnerability CVE-2021-46955

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets:...

5.9AI Score

0.0004EPSS

2024-06-03 12:00 AM
2
nessus
nessus

RHEL 4 : coreutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. coreutils: tty hijacking possible in su via TIOCSTI ioctl (CVE-2005-4890) In GNU Coreutils through 8.29,...

7.8CVSS

6.3AI Score

0.001EPSS

2024-06-03 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1800)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...

8CVSS

8.3AI Score

EPSS

2024-06-03 12:00 AM
nessus
nessus

RHEL 7 : linux-firmware (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362) An issue was discovered on...

8.8CVSS

5AI Score

0.007EPSS

2024-06-03 12:00 AM
exploitdb

7.4AI Score

2024-06-03 12:00 AM
37
nessus
nessus

RHEL 6 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization ...

7.5CVSS

7.7AI Score

0.002EPSS

2024-06-03 12:00 AM
exploitdb

7.4AI Score

2024-06-03 12:00 AM
25
nessus
nessus

RHEL 7 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. wpa_supplicant: local configuration update allows privilege escalation (CVE-2016-4477) hostapd 0.6.7...

7.5CVSS

8AI Score

0.002EPSS

2024-06-03 12:00 AM
nessus
nessus

RHEL 8 : r (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. R: local buffer overflow in GUI preferences (CVE-2018-9060) Note that Nessus has not tested for this issue but has...

7.3AI Score

0.002EPSS

2024-06-03 12:00 AM
nessus
nessus

RHEL 6 : xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Qemu: net: ne2000: OOB memory access in ioport r/w functions (CVE-2015-8743) The qemu implementation in...

7.5CVSS

6.4AI Score

0.011EPSS

2024-06-03 12:00 AM
nessus
nessus

RHEL 7 : microcode_ctl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Intel firmware update for improper isolation of shared resources (CVE-2022-38090) Incorrect...

6.1CVSS

7.2AI Score

0.0004EPSS

2024-06-03 12:00 AM
packetstorm

7.4AI Score

2024-06-03 12:00 AM
46
Total number of security vulnerabilities120129