SCALANCE X307-2 EEC (2x 230V, Coated) Security Vulnerabilities
CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2
CVE-2023-0215 affecting package shim-unsigned-x64 15.4-2. This CVE either no longer is or was never...
7.5CVSS
8.4AI Score
0.004EPSS
CVE-2022-46908 affecting package sqlite 3.34.1-2
CVE-2022-46908 affecting package sqlite 3.34.1-2. This CVE either no longer is or was never...
7.3CVSS
9.8AI Score
0.001EPSS
CVE-2022-3697 affecting package ansible 2.9.27-2
CVE-2022-3697 affecting package ansible 2.9.27-2. No patch is available...
7.5CVSS
7.5AI Score
0.002EPSS
CVE-2022-21628 affecting package openjdk8 1.8.0.332-2
CVE-2022-21628 affecting package openjdk8 1.8.0.332-2. No patch is available...
5.3CVSS
6.1AI Score
0.002EPSS
CVE-2022-2879 affecting package golang 1.17.13-2
CVE-2022-2879 affecting package golang 1.17.13-2. No patch is available...
7.5CVSS
9.1AI Score
0.002EPSS
CVE-2022-21541 affecting package openjdk8 1.8.0.332-2
CVE-2022-21541 affecting package openjdk8 1.8.0.332-2. No patch is available...
5.9CVSS
9.9AI Score
0.001EPSS
CVE-2022-41725 affecting package golang 1.17.13-2
CVE-2022-41725 affecting package golang 1.17.13-2. No patch is available...
7.5CVSS
10AI Score
0.001EPSS
CVE-2023-0215 affecting package cloud-hypervisor 22.0-2
CVE-2023-0215 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
7.5CVSS
8.4AI Score
0.004EPSS
CVE-2022-41715 affecting package golang 1.17.13-2
CVE-2022-41715 affecting package golang 1.17.13-2. No patch is available...
7.5CVSS
9.1AI Score
0.002EPSS
CVE-2023-21843 affecting package openjdk8 1.8.0.332-2
CVE-2023-21843 affecting package openjdk8 1.8.0.332-2. No patch is available...
3.7CVSS
6.9AI Score
0.001EPSS
CVE-2022-34169 affecting package openjdk8 1.8.0.332-2
CVE-2022-34169 affecting package openjdk8 1.8.0.332-2. No patch is available...
7.5CVSS
9.1AI Score
0.002EPSS
CVE-2023-0286 affecting package cloud-hypervisor 22.0-2
CVE-2023-0286 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
7.4CVSS
8.4AI Score
0.003EPSS
CVE-2023-21830 affecting package openjdk8 1.8.0.332-2
CVE-2023-21830 affecting package openjdk8 1.8.0.332-2. No patch is available...
5.3CVSS
6.9AI Score
0.001EPSS
CVE-2022-21619 affecting package openjdk8 1.8.0.332-2
CVE-2022-21619 affecting package openjdk8 1.8.0.332-2. No patch is available...
3.7CVSS
6.1AI Score
0.002EPSS
CVE-2022-2880 affecting package golang 1.17.13-2
CVE-2022-2880 affecting package golang 1.17.13-2. No patch is available...
7.5CVSS
9.1AI Score
0.002EPSS
CVE-2022-38126 affecting package binutils 2.36.1-2
CVE-2022-38126 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...
7.5AI Score
EPSS
CVE-2022-4304 affecting package cloud-hypervisor 22.0-2
CVE-2022-4304 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
5.9CVSS
8.4AI Score
0.002EPSS
CVE-2021-34141 affecting package numpy 1.16.6-2
CVE-2021-34141 affecting package numpy 1.16.6-2. This CVE either no longer is or was never...
5.3CVSS
9.8AI Score
0.001EPSS
CVE-2022-38128 affecting package binutils 2.36.1-2
CVE-2022-38128 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...
7.5AI Score
EPSS
CVE-2022-4450 affecting package cloud-hypervisor 22.0-2
CVE-2022-4450 affecting package cloud-hypervisor 22.0-2. This CVE either no longer is or was never...
7.5CVSS
9AI Score
0.001EPSS
CVE-2022-21624 affecting package openjdk8 1.8.0.332-2
CVE-2022-21624 affecting package openjdk8 1.8.0.332-2. No patch is available...
3.7CVSS
6.1AI Score
0.002EPSS
CVE-2022-38127 affecting package binutils 2.36.1-2
CVE-2022-38127 affecting package binutils 2.36.1-2. This CVE either no longer is or was never...
7.5AI Score
EPSS
CVE-2022-27664 affecting package golang 1.17.13-2
CVE-2022-27664 affecting package golang 1.17.13-2. No patch is available...
7.5CVSS
9AI Score
0.002EPSS
CVE-2022-21540 affecting package openjdk8 1.8.0.332-2
CVE-2022-21540 affecting package openjdk8 1.8.0.332-2. No patch is available...
5.3CVSS
9.9AI Score
0.001EPSS
CVE-2018-25032 affecting package openjdk8 for versions less than 1.8.0.332-2
CVE-2018-25032 affecting package openjdk8 for versions less than 1.8.0.332-2. A patched version of the package is...
7.5CVSS
9.1AI Score
0.003EPSS
CVE-2022-41724 affecting package golang 1.17.13-2
CVE-2022-41724 affecting package golang 1.17.13-2. No patch is available...
7.5CVSS
9.1AI Score
0.001EPSS
CVE-2020-8563 affecting package kubernetes-1.18.19 1.18.19-2
CVE-2020-8563 affecting package kubernetes-1.18.19 1.18.19-2. No patch is available...
5.5CVSS
7.5AI Score
0.0005EPSS
CVE-2022-41722 affecting package golang 1.17.13-2
CVE-2022-41722 affecting package golang 1.17.13-2. No patch is available...
7.5CVSS
8.7AI Score
0.001EPSS
CVE-2022-43410 affecting package mercurial 5.4-2
CVE-2022-43410 affecting package mercurial 5.4-2. No patch is available...
5.3CVSS
7.5AI Score
0.001EPSS
CVE-2022-21626 affecting package openjdk8 1.8.0.332-2
CVE-2022-21626 affecting package openjdk8 1.8.0.332-2. No patch is available...
5.3CVSS
6.1AI Score
0.002EPSS
CVE-2021-41495 affecting package numpy 1.16.6-2
CVE-2021-41495 affecting package numpy 1.16.6-2. No patch is available...
5.3CVSS
9.9AI Score
0.001EPSS
CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2
CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package kata-containers-cc for versions less than 0.6.1-2
CVE-2023-44487 affecting package kata-containers-cc for versions less than 0.6.1-2. A patched version of the package is...
7.5CVSS
8.9AI Score
0.732EPSS
CVE-2023-48795 affecting package nmap for versions less than 7.93-2
CVE-2023-48795 affecting package nmap for versions less than 7.93-2. A patched version of the package is...
5.9CVSS
6.2AI Score
0.963EPSS
CVE-2023-39325 affecting package golang for versions less than 1.20.7-2
CVE-2023-39325 affecting package golang for versions less than 1.20.7-2. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2
CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2. A patched version of the package is...
9.8CVSS
9.9AI Score
0.001EPSS
Metasploit Weekly Wrap-Up 06/28/2024
Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password...
9.8CVSS
9AI Score
0.005EPSS
Summary Vulnerabilities in Curl could allow a remote attacker to bypass security restrictions (CVE-2024-2466, CVE-2024-2004, CVE-2024-2379) or cause a denial of service (CVE-2024-2398). PowerSC uses Curl as part of PowerSC Trusted Network Connect (TNC). Vulnerability Details ** CVEID:...
7.5AI Score
0.0004EPSS
9CVSS
9.2AI Score
EPSS
Security Bulletin: Vulnerability in tqdm affects IBM Process Mining CVE-2024-34062
Summary There is a vulnerability in tqdm that could allow an local authenticated attacker to execute arbitrary code on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID:...
4.8CVSS
5.9AI Score
0.0004EPSS
Security Bulletin: Vulnerability in Jinja affects IBM Process Mining CVE-2024-34064
Summary There is a vulnerability in Jinja that could allow an attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability....
5.4CVSS
6.7AI Score
0.0004EPSS
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability....
6.3AI Score
0.0004EPSS
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to perform a DNS poisoning attack on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...
6.9AI Score
0.0004EPSS
Security Bulletin: Vulnerability in Netty affects IBM Process Mining CVE-2024-29025
Summary There is a vulnerability in Netty that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-29025 ...
5.3CVSS
7.1AI Score
0.0004EPSS
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause a denial of service condition on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability...
7.1AI Score
0.0004EPSS
Security Bulletin: Vulnerability in Pydantic affects IBM Process Mining CVE-2024-3772
Summary There is a vulnerability in Pydantic that could allow an attacker to cause a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-3772 ...
5.9CVSS
7.2AI Score
0.0004EPSS
Security Bulletin: Vulnerability in Node.js affects IBM Process Mining CVE-2024-28849
Summary There is a vulnerability in Node.js that could allow an remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID:...
6.5CVSS
6.3AI Score
0.0004EPSS
Summary There is a vulnerability in VMware Tanzu Spring Framework that could allow a remote attacker to conduct phishing attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID:....
8.1CVSS
6.8AI Score
0.0004EPSS
Security Bulletin: Vulnerability in Gunicorn affects IBM Process Mining CVE-2024-1135
Summary There is a vulnerability in Gunicorn that could allow an attacker to conduct XSS attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-1135 DESCRIPTION:...
7.5CVSS
6.2AI Score
0.0004EPSS
Summary There is a vulnerability in Bouncy Castle Crypto Package For Java that could allow an attacker to cause excessive CPU consumption on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details.....
7.1AI Score
EPSS