Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior to....
CVSS 7.5
AI Score 7.5
EPSS 0.0004
Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior to....
CVSS 7.5
AI Score 6.5
EPSS 0.0004
php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its remember_key value. This allows attackers to bruteforce the remember_key value to gain access to accounts that have checked "remember me" when logging...
AI Score 6.9
EPSS
php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its remember_key value. This allows attackers to bruteforce the remember_key value to gain access to accounts that have checked "remember me" when logging...
AI Score 7.2
EPSS
Globitel KSA SpeechLog v8.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Save Query...
AI Score 5.9
EPSS
Globitel KSA SpeechLog v8.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Save Query...
AI Score 5.7
EPSS
Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the Bluetooth stack...
AI Score 7.5
EPSS
Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the Bluetooth stack...
AI Score 7.8
EPSS
Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attacker to execute arbitrary code via the FerretCOT::read_pre_data128_from_file...
AI Score 7.6
EPSS
Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attacker to execute arbitrary code via the FerretCOT::read_pre_data128_from_file...
AI Score 7.9
EPSS
Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted...
AI Score 6.4
EPSS
Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted...
AI Score 6.6
EPSS
SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a local attacker to execute arbitrary code via a crafted payload to Login.asp...
AI Score 8
EPSS
SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a local attacker to execute arbitrary code via a crafted payload to Login.asp...
AI Score 8.4
EPSS
SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the delete-task.php...
AI Score 7.4
EPSS
SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the delete-task.php...
AI Score 7.1
EPSS
Cross Site Scripting (XSS) vulnerability in CrushFTP v.10.6.0 and v.10.5.5 allows an attacker to execute arbitrary code via a crafted...
AI Score 6
EPSS
Cross Site Scripting (XSS) vulnerability in CrushFTP v.10.6.0 and v.10.5.5 allows an attacker to execute arbitrary code via a crafted...
AI Score 6.3
EPSS
An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe...
AI Score 6.5
EPSS
An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe...
AI Score 6.8
EPSS
MongoDB Server may have unexpected application behaviour due to invalid BSON
Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior to....
CVSS 7.5
AI Score 7
EPSS 0.0004
NocoDB is software for building databases as spreadsheets. Prior to 0.202.9, a stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. The nc-gui/components/virtual-cell/Formula.vue displays a v-html tag with the value of "urls" whose contents are...
CVSS 7.3
AI Score 5.7
EPSS 0.0004
NocoDB is software for building databases as spreadsheets. Prior to 0.202.9, a stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. The nc-gui/components/virtual-cell/Formula.vue displays a v-html tag with the value of "urls" whose contents are...
CVSS 7.3
AI Score 6.7
EPSS 0.0004
NocoDB is software for building databases as spreadsheets. Prior to 0.202.9, a stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. The nc-gui/components/virtual-cell/Formula.vue displays a v-html tag with the value of "urls" whose contents are...
CVSS 7.3
AI Score 5.5
EPSS 0.0004
CVE-2024-3372 MongoDB Server may have unexpected application behaviour due to invalid BSON
Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior to....
CVSS 7.5
AI Score 6.7
EPSS 0.0004
CVE-2024-3372 MongoDB Server may have unexpected application behaviour due to invalid BSON
Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior to....
CVSS 7.5
AI Score 7.7
EPSS 0.0004
May 14, 2024—KB5037800 (Monthly Rollup)
End of support information: Windows Server 2008 SP2 Extended Security Updates (ESU) third and final year ended on January 10, 2023. Additionally, Extended Security Updates on Azure only support ended on January 9, 2024. For more information, see Extended...
CVSS 8.8
AI Score 7
EPSS 0.002
May 14, 2024—KB5037780 (Monthly Rollup)
End of support information: As of January 10, 2023, Microsoft no longer provides security updates or technical support for Windows 7 Service Pack 1 (SP1). We recommend that you upgrade to a supported version of Windows. For more information, see Update...
CVSS 8.8
AI Score 7
EPSS 0.002
May 14, 2024—KB5037823 (Monthly Rollup)
IMPORTANT: The installation of this Extended Security Update (ESU) might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU...
CVSS 8.8
AI Score 7
EPSS 0.001
May 14, 2024—KB5037803 (Security-only update)
End of support information: As of January 10, 2023, Microsoft no longer provides security updates or technical support for Windows 7 Service Pack 1 (SP1). We recommend that you upgrade to a supported version of Windows. For more information, see...
CVSS 8.8
AI Score 7.1
EPSS 0.002
May 14, 2024—KB5037836 (Security-only update)
End of support information: Windows Server 2008 SP2 Extended Security Updates (ESU) third and final year ended on January 10, 2023. Additionally, Extended Security Updates on Azure only support ended on January 9, 2024. For more information,...
CVSS 8.8
AI Score 7
EPSS 0.002
Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate...
AI Score 7.2
EPSS
Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate...
AI Score 6.9
EPSS
KLA67434 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, obtain sensitive information. Below is a complete list of...
CVSS 8.8
AI Score 9.7
EPSS 0.002
This Week in Spring - May 14th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! This week's highlights in the Spring ecosystem emphasize the ongoing advancements and applications of Spring AI. The discussions range from exploring the impressive VectorStore abstraction and enhanced structured output...
AI Score 7.1
Improper validation of certain metadata input may result in the server not correctly serialising BSON. This can be performed pre-authentication and may cause unexpected application behavior including unavailability of serverStatus responses. This issue affects MongoDB Server v7.0 versions prior to....
CVSS 7.5
AI Score 6.9
EPSS 0.0004
KLA67433 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: A remote code...
CVSS 8.8
AI Score 9.8
EPSS 0.008
Brother Printers Multiple Vulnerabilities (Mar 2024)
Multiple Brother printers are prone to multiple...
AI Score 6.7
EPSS 0.0004