Lucene search

K

R-30iB Plus, R-30iB Mate Plus, R-30iB Compact Plus, R-30iB Mini Plus Security Vulnerabilities

nessus
nessus

Oracle Linux 8 : kernel (ELSA-2024-3138)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3138 advisory. - x86/sev: Harden #VC instruction emulation somewhat (Vitaly Kuznetsov) [RHEL-30040] {CVE-2024-25743 CVE-2024-25742} - mm/sparsemem: fix race in...

9.8CVSS

8.8AI Score

EPSS

2024-05-28 12:00 AM
5
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Git vulnerabilities (USN-6793-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6793-1 advisory. It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to...

9CVSS

7.5AI Score

0.001EPSS

2024-05-28 12:00 AM
1
nessus
nessus

Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-2985)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2985 advisory. mod_wsgi [4.7.1-7] - Bump release for rebuild Resolves: rhbz#2213595 [4.7.1-6] - Remove rpath Resolves: rhbz#2213837 [4.7.1-5] - Core...

8.2CVSS

7.2AI Score

0.016EPSS

2024-05-28 12:00 AM
2
nessus
nessus

RHEL 9 : kpatch-patch (RHSA-2024:3427)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3427 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security...

7.8CVSS

7AI Score

0.011EPSS

2024-05-28 12:00 AM
nessus
nessus

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-2988)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2988 advisory. The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type...

7.5CVSS

7.1AI Score

0.962EPSS

2024-05-28 12:00 AM
2
nessus
nessus

RHEL 9 : kernel-rt (RHSA-2024:3414)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3414 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

7.8CVSS

7.3AI Score

0.011EPSS

2024-05-28 12:00 AM
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Unbound vulnerability (USN-6791-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6791-1 advisory. It was discovered that Unbound could take part in a denial of service amplification attack known as DNSBomb. This update...

6.9AI Score

0.0004EPSS

2024-05-28 12:00 AM
2
nessus
nessus

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Flask-Security vulnerability (USN-6792-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6792-1 advisory. Naom Moshe discovered that Flask-Security incorrectly validated URLs. An attacker could use this issue to redirect users to arbitrary...

6.1CVSS

7.1AI Score

0.001EPSS

2024-05-28 12:00 AM
1
packetstorm

7.4AI Score

2024-05-28 12:00 AM
70
nessus
nessus

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Jinja2 vulnerability (USN-6787-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6787-1 advisory. It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by....

5.4CVSS

6.1AI Score

0.0004EPSS

2024-05-28 12:00 AM
2
nessus
nessus

Oracle Linux 8 : python27:2.7 (ELSA-2024-2987)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2987 advisory. babel [2.5.1-10] - Fix CVE-2021-20095 Resolves: rhbz#1955615 [2.5.1-9] - Bumping due to problems with modular RPM upgrade path - Resolves:...

9.8CVSS

7.2AI Score

0.032EPSS

2024-05-28 12:00 AM
4
f5
f5

K000139794: Mozilla NSS vulnerability CVE-2023-5388

Security Advisory Description NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. (CVE-2023-5...

6.7AI Score

0.0004EPSS

2024-05-28 12:00 AM
4
nessus
nessus

RHEL 9 : linux-firmware (RHSA-2024:3422)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3422 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): *...

8.2CVSS

7AI Score

0.0004EPSS

2024-05-28 12:00 AM
nessus
nessus

Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : WebKitGTK vulnerabilities (USN-6788-1)

The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6788-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious...

6.8AI Score

0.0004EPSS

2024-05-28 12:00 AM
1
talos
talos

libigl readOFF stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1784 libigl readOFF stack-based buffer overflow vulnerabilities May 28, 2024 CVE Number CVE-2023-35950,CVE-2023-35953,CVE-2023-35952,CVE-2023-35951,CVE-2023-35949 SUMMARY Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp...

7.8CVSS

8.5AI Score

0.001EPSS

2024-05-28 12:00 AM
5
talos
talos

AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1937 AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24947,CVE-2024-24946 SUMMARY A heap-based buffer overflow vulnerability exists in the Programming Software...

8.2CVSS

8AI Score

0.0005EPSS

2024-05-28 12:00 AM
3
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : amavisd-new vulnerability (USN-6790-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6790-1 advisory. It was discovered that amavisd-new incorrectly handled certain MIME email messages with multiple boundary parameters. A remote...

7.2AI Score

0.0004EPSS

2024-05-28 12:00 AM
1
nessus
nessus

RHEL 9 : kernel (RHSA-2024:3421)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3421 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Marvin vulnerability...

7.8CVSS

7.3AI Score

EPSS

2024-05-28 12:00 AM
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS : Netatalk vulnerabilities (USN-6786-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6786-1 advisory. It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to ...

10CVSS

7.6AI Score

0.007EPSS

2024-05-28 12:00 AM
6
nessus
nessus

Fedora 40 : glycin-loaders / gnome-tour / helix / helvum / libipuz / loupe / etc (2024-ce2936b568)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-ce2936b568 advisory. This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix...

7.4AI Score

2024-05-28 12:00 AM
nessus
nessus

Oracle Linux 8 : edk2 (ELSA-2024-3017)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3017 advisory. [20220126gitbb1bba3d77-13] - edk2-EmbeddedPkg-Hob-Integer-Overflow-in-CreateHob.patch [RHEL-21158] -...

9.4CVSS

6AI Score

0.006EPSS

2024-05-28 12:00 AM
5
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : LibreOffice vulnerability (USN-6789-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6789-1 advisory. Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into...

7.2AI Score

0.0004EPSS

2024-05-28 12:00 AM
2
githubexploit
githubexploit

Exploit for CVE-2024-5084

🚀 HashForm Exploit Script This script demonstrates the...

9.8CVSS

8.6AI Score

0.035EPSS

2024-05-27 08:04 PM
129
nvd
nvd

CVE-2024-36037

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session...

5.5CVSS

5.3AI Score

0.0004EPSS

2024-05-27 06:15 PM
1
cve
cve

CVE-2024-36037

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session...

5.5CVSS

6.5AI Score

0.0004EPSS

2024-05-27 06:15 PM
31
nvd
nvd

CVE-2024-36036

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent...

4.2CVSS

4.2AI Score

0.0004EPSS

2024-05-27 06:15 PM
cve
cve

CVE-2024-36036

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent...

4.2CVSS

6.2AI Score

0.0004EPSS

2024-05-27 06:15 PM
26
nvd
nvd

CVE-2024-27310

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-27 06:15 PM
cve
cve

CVE-2024-27310

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-27 06:15 PM
27
cvelist
cvelist

CVE-2024-36037 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session...

5.5CVSS

5.3AI Score

0.0004EPSS

2024-05-27 05:59 PM
3
vulnrichment
vulnrichment

CVE-2024-36037 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session...

5.5CVSS

6.6AI Score

0.0004EPSS

2024-05-27 05:59 PM
vulnrichment
vulnrichment

CVE-2024-36036 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent...

4.2CVSS

6.3AI Score

0.0004EPSS

2024-05-27 05:58 PM
cvelist
cvelist

CVE-2024-36036 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent...

4.2CVSS

4.2AI Score

0.0004EPSS

2024-05-27 05:58 PM
vulnrichment
vulnrichment

CVE-2024-27310 DOS Vulnerability

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP...

5.3CVSS

6.9AI Score

0.0004EPSS

2024-05-27 05:26 PM
cvelist
cvelist

CVE-2024-27310 DOS Vulnerability

Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP...

5.3CVSS

5.3AI Score

0.0004EPSS

2024-05-27 05:26 PM
2
securelist
securelist

Message board scams

Marketplace fraud is nothing new. Cybercriminals swindle money out of buyers and sellers alike. Lately, we've seen a proliferation of cybergangs operating under the Fraud-as-a-Service model and specializing in tricking users of online marketplaces, in particular, message boards. Criminals are...

6.4AI Score

2024-05-27 01:00 PM
9
kitploit
kitploit

SherlockChain - A Streamlined AI Analysis Framework For Solidity, Vyper And Plutus Contracts

SherlockChain is a powerful smart contract analysis framework that combines the capabilities of the renowned Slither tool with advanced AI-powered features. Developed by a team of security experts and AI researchers, SherlockChain offers unparalleled insights and vulnerability detection for...

7.4AI Score

2024-05-27 12:30 PM
14
githubexploit
githubexploit

Exploit for OS Command Injection in Dolibarr Dolibarr Erp/Crm

CVE-2023-30253 Exploit Dolibarr...

8.8CVSS

7.4AI Score

0.008EPSS

2024-05-27 11:00 AM
144
githubexploit
githubexploit

Exploit for OS Command Injection in Dolibarr Dolibarr Erp/Crm

CVE-2023-30253 Exploit Dolibarr...

8.8CVSS

7.4AI Score

0.008EPSS

2024-05-27 11:00 AM
88
redhatcve
redhatcve

CVE-2021-47505

In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE handling signalfd_poll() and binder_poll() are special in that they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This is...

6.4AI Score

0.0004EPSS

2024-05-27 11:00 AM
3
nvd
nvd

CVE-2024-27314

Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SDAdmin role...

2.4CVSS

3.2AI Score

0.0004EPSS

2024-05-27 07:15 AM
1
cve
cve

CVE-2024-27314

Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SDAdmin role...

2.4CVSS

5.9AI Score

0.0004EPSS

2024-05-27 07:15 AM
30
cvelist
cvelist

CVE-2024-27314 Stored XSS Vulnerability

Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SDAdmin role...

2.4CVSS

3.2AI Score

0.0004EPSS

2024-05-27 07:03 AM
vulnrichment
vulnrichment

CVE-2024-27314 Stored XSS Vulnerability

Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SDAdmin role...

2.4CVSS

6AI Score

0.0004EPSS

2024-05-27 07:03 AM
f5
f5

K000139793: MacOS vulnerability CVE-2023-41993

Security Advisory Description The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7....

7.1AI Score

0.003EPSS

2024-05-27 12:00 AM
7
nessus
nessus

Ubuntu 24.04 LTS : python-cryptography vulnerability (USN-6673-3)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6673-3 advisory. USN-6673-1 provided a security update for python-cryptography. This update provides the corresponding update for Ubuntu 24.04 LTS. Original advisory details: ...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-27 12:00 AM
4
openvas
openvas

Fedora: Security Advisory for R (FEDORA-2024-07b7b83a4f)

The remote host is missing an update for...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for R (FEDORA-2024-bc590cb3f1)

The remote host is missing an update for...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for ruff (FEDORA-2024-ce2936b568)

The remote host is missing an update for...

7.5AI Score

2024-05-27 12:00 AM
githubexploit

8.8CVSS

7.3AI Score

0.008EPSS

2024-05-26 03:43 PM
139
Total number of security vulnerabilities120128