Lucene search

K

Ryzen™ Threadripper™ 5000 Series Processors Security Vulnerabilities

nvd
nvd

CVE-2024-28974

Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of...

7.6CVSS

7.3AI Score

0.0004EPSS

2024-05-29 04:15 PM
talosblog
talosblog

Out-of-bounds reads in Adobe Acrobat; Foxit PDF Reader contains vulnerability that could lead to SYSTEM-level privileges

Cisco Talos' Vulnerability Research team has helped to disclose and patch more than 20 vulnerabilities over the past three weeks, including two in the popular Adobe Acrobat Reader software. Acrobat, one of the most popular PDF readers currently available, contains two out-of-bounds read...

9.8CVSS

9.8AI Score

0.001EPSS

2024-05-29 04:07 PM
2
cvelist
cvelist

CVE-2024-28974

Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of...

7.6CVSS

7.3AI Score

0.0004EPSS

2024-05-29 03:21 PM
3
vulnrichment
vulnrichment

CVE-2024-28974

Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of...

7.6CVSS

6.8AI Score

0.0004EPSS

2024-05-29 03:21 PM
thn
thn

Check Point Warns of Zero-Day Attacks on its VPN Gateway Products

Check Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild. Tracked as CVE-2024-24919 (CVSS score: 8.6), the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and...

8.6CVSS

9.1AI Score

0.945EPSS

2024-05-29 03:16 PM
1
thn
thn

Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha

Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan (RAT) called AllaSenha. The malware is "specifically aimed at stealing credentials that are required to access Brazilian bank accounts, [and]...

7.7AI Score

2024-05-29 02:58 PM
1
malwarebytes
malwarebytes

Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?

Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again. However, questions have been raised over whether it is a genuine attempt to revive the forums once...

7.3AI Score

2024-05-29 01:06 PM
8
osv
osv

intel-microcode vulnerabilities

It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only...

7.9CVSS

7.3AI Score

0.001EPSS

2024-05-29 07:13 AM
3
nessus
nessus

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Intel Microcode vulnerabilities (USN-6797-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6797-1 advisory. It was discovered that some 3rd and 4th Generation Intel Xeon Processors did not properly...

7.9CVSS

7.3AI Score

0.001EPSS

2024-05-29 12:00 AM
3
openvas
openvas

Ubuntu: Security Advisory (USN-6795-1)

The remote host is missing an update for...

7.8CVSS

7.3AI Score

EPSS

2024-05-29 12:00 AM
4
nessus
nessus

EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2024-1735)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

8CVSS

7.2AI Score

EPSS

2024-05-29 12:00 AM
2
nessus
nessus

Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6795-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6795-1 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...

7.8CVSS

7.6AI Score

EPSS

2024-05-29 12:00 AM
2
nessus
nessus

EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2024-1734)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

8CVSS

7.2AI Score

EPSS

2024-05-29 12:00 AM
2
ubuntu
ubuntu

Intel Microcode vulnerabilities

Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages intel-microcode - Processor microcode for Intel CPUs Details It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to...

7.9CVSS

7.4AI Score

0.001EPSS

2024-05-29 12:00 AM
5
nvidia
nvidia

Security Bulletin: Triton Inference Server - May 2024

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...

9CVSS

8AI Score

0.0004EPSS

2024-05-29 12:00 AM
5
ibm
ibm

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components. CVEs: CVE-2023-38264, CVE-2024-21011, CVE-2024-21085 and CVE-2024-21094 Vulnerability Details ** CVEID: CVE-2024-21094 DESCRIPTION: **An unspecified...

5.9CVSS

6.7AI Score

0.001EPSS

2024-05-28 07:41 PM
7
osv
osv

linux-intel-iotg vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-47233) It was....

7.8CVSS

7AI Score

EPSS

2024-05-28 07:06 PM
4
nvd
nvd

CVE-2024-21785

A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this...

9.8CVSS

9.4AI Score

0.001EPSS

2024-05-28 04:15 PM
cve
cve

CVE-2024-21785

A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this...

9.8CVSS

6.7AI Score

0.001EPSS

2024-05-28 04:15 PM
3
mssecure
mssecure

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and...

7.7AI Score

2024-05-28 04:00 PM
2
vulnrichment
vulnrichment

CVE-2024-21785

A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this...

9.8CVSS

6.8AI Score

0.001EPSS

2024-05-28 03:30 PM
cvelist
cvelist

CVE-2024-21785

A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this...

9.8CVSS

9.3AI Score

0.001EPSS

2024-05-28 03:30 PM
3
nvd
nvd

CVE-2024-4429

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...

5.4CVSS

5.2AI Score

0.0004EPSS

2024-05-28 03:15 PM
1
cve
cve

CVE-2024-4429

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...

5.4CVSS

6.3AI Score

0.0004EPSS

2024-05-28 03:15 PM
cve
cve

CVE-2024-3969

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML...

7.8CVSS

8.4AI Score

0.0004EPSS

2024-05-28 03:15 PM
3
nvd
nvd

CVE-2024-3969

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML...

7.8CVSS

8AI Score

0.0004EPSS

2024-05-28 03:15 PM
cvelist
cvelist

CVE-2024-4429 Cross Site Request Forgery vulnerability in iManager

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...

5.4CVSS

5.2AI Score

0.0004EPSS

2024-05-28 02:38 PM
2
vulnrichment
vulnrichment

CVE-2024-4429 Cross Site Request Forgery vulnerability in iManager

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...

5.4CVSS

6.4AI Score

0.0004EPSS

2024-05-28 02:38 PM
cvelist
cvelist

CVE-2024-3969 XML External Entity injection vulnerability in iManager

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML...

7.8CVSS

8AI Score

0.0004EPSS

2024-05-28 02:38 PM
4
kitploit
kitploit

Pyrit - The Famous WPA Precomputed Cracker

Pyrit allows you to create massive databases of pre-computed WPA/WPA2-PSK authentication phase in a space-time-tradeoff. By using the computational power of Multi-Core CPUs and other platforms through ATI-Stream,Nvidia CUDA and OpenCL, it is currently by far the most powerful attack against one of....

7.2AI Score

2024-05-28 12:30 PM
10
talos
talos

AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability

Talos Vulnerability Report TALOS-2024-1942 AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability May 28, 2024 CVE Number CVE-2024-21785 SUMMARY A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E...

9.8CVSS

7.8AI Score

0.001EPSS

2024-05-28 12:00 AM
4
talos
talos

AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability

Talos Vulnerability Report TALOS-2024-1941 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability May 28, 2024 CVE Number CVE-2024-23315 SUMMARY A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory...

7.5CVSS

7AI Score

0.001EPSS

2024-05-28 12:00 AM
4
talos
talos

AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability

Talos Vulnerability Report TALOS-2024-1940 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability May 28, 2024 CVE Number CVE-2024-22187 SUMMARY A write-what-where vulnerability exists in the Programming Software Connection Remote Memory...

9.1CVSS

7.6AI Score

0.001EPSS

2024-05-28 12:00 AM
1
talos
talos

AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1939 AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24963,CVE-2024-24962 SUMMARY A stack-based buffer overflow vulnerability exists in the Programming Software...

9.8CVSS

8AI Score

0.001EPSS

2024-05-28 12:00 AM
4
packetstorm

7.4AI Score

2024-05-28 12:00 AM
70
ubuntu
ubuntu

Linux kernel (Intel IoTG) vulnerabilities

Releases Ubuntu 22.04 LTS Packages linux-intel-iotg - Linux kernel for Intel IoT platforms Details Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically...

7.8CVSS

7.5AI Score

EPSS

2024-05-28 12:00 AM
5
redhatcve
redhatcve

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.6AI Score

0.0004EPSS

2024-05-27 11:01 AM
4
thn
thn

New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI

Cybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users' credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail. The attack method, called transparent phishing or adversary-in-the-middle...

7.2AI Score

2024-05-27 09:02 AM
1
openvas
openvas

Fedora: Security Advisory for R (FEDORA-2024-07b7b83a4f)

The remote host is missing an update for...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for R (FEDORA-2024-bc590cb3f1)

The remote host is missing an update for...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
kitploit
kitploit

Domainim - A Fast And Comprehensive Tool For Organizational Network Scanning

Domainim is a fast domain reconnaissance tool for organizational network scanning. The tool aims to provide a brief overview of an organization's structure using techniques like OSINT, bruteforcing, DNS resolving etc. Features Current features (v1.0.1)- - Subdomain enumeration (2 engines +...

7.8AI Score

2024-05-26 12:30 PM
15
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ucode-intel (SUSE-SU-2024:1771-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1771-1 advisory. Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) - CVE-2023-45733: Fixed...

7.9CVSS

7.8AI Score

0.0004EPSS

2024-05-25 12:00 AM
2
debiancve
debiancve

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To...

6.7AI Score

0.0004EPSS

2024-05-24 03:15 PM
1
nvd
nvd

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.5AI Score

0.0004EPSS

2024-05-24 03:15 PM
cve
cve

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.7AI Score

0.0004EPSS

2024-05-24 03:15 PM
24
cvelist
cvelist

CVE-2021-47514 devlink: fix netns refcount leak in devlink_nl_cmd_reload()

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.5AI Score

0.0004EPSS

2024-05-24 03:09 PM
vulnrichment
vulnrichment

CVE-2021-47514 devlink: fix netns refcount leak in devlink_nl_cmd_reload()

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.8AI Score

0.0004EPSS

2024-05-24 03:09 PM
2
arista
arista

Security Advisory 0097

Security Advisory 0097 PDF Date: May 24, 2024 Revision | Date | Changes ---|---|--- 1.0 | May 24, 2024 | Initial release The CVE-ID tracking this issue: CVE-2023-52424 CVSSv3.1 Base Score: Not indicated by NVD as of 5/23/2024 Description Arista Networks is providing this security update in...

6AI Score

EPSS

2024-05-24 12:00 AM
5
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1771-1)

The remote host is missing an update for...

7.9CVSS

7.5AI Score

0.0004EPSS

2024-05-24 12:00 AM
2
ubuntucve
ubuntucve

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.6AI Score

0.0004EPSS

2024-05-24 12:00 AM
1
Total number of security vulnerabilities52997