Debian dla-3824 : gir1.2-gst-plugins-base-1.0 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3824 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3824-1 [email protected] ...
7.8CVSS
6.8AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : PyMySQL vulnerability (USN-6801-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6801-1 advisory. It was discovered that PyMySQL incorrectly escaped untrusted JSON input. An attacker could possibly use this issue to perform...
8AI Score
0.0004EPSS
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : browserify-sign vulnerability (USN-6800-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6800-1 advisory. It was discovered that browserify-sign incorrectly handled an upper bound check in signature verification. If a user or an...
7.5CVSS
7.2AI Score
0.001EPSS
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6797-1 advisory. It was discovered that some 3rd and 4th Generation Intel Xeon Processors did not properly...
7.9CVSS
7.3AI Score
0.001EPSS
Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6795-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6795-1 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...
7.8CVSS
7.6AI Score
EPSS
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6799-1 advisory. It was discovered that the debugger in Werkzeug was not restricted to trusted hosts. A remote attacker ...
7.5CVSS
7AI Score
0.0004EPSS
Ubuntu 20.04 LTS : Firefox regressions (USN-6779-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6779-2 advisory. USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: ...
8AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : TPM2 Software Stack vulnerabilities (USN-6796-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6796-1 advisory. Fergus Dall discovered that TPM2 Software Stack did not properly handle layer arrays. An attacker could possibly use...
6.4CVSS
8.2AI Score
EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : GStreamer Base Plugins vulnerability (USN-6798-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6798-1 advisory. It was discovered that GStreamer Base Plugins incorrectly handled certain EXIF metadata. An attacker could possibly use this...
7.8CVSS
7.7AI Score
0.0004EPSS
Debian dsa-5700 : python-pymysql-doc - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5700 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5700-1 [email protected] ...
6.9AI Score
0.0004EPSS
Debian dla-3822 : python-pymysql - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3822 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3822-1 [email protected] ...
7.3AI Score
0.0004EPSS
An issue discovered in D-Link DI-7003GV2 routers allows attackers to hijack TCP sessions which could lead to a denial of...
6.5AI Score
EPSS
An issue discovered in D-Link DI-7003GV2 routers allows attackers to hijack TCP sessions which could lead to a denial of...
7AI Score
EPSS
Exploit for OS Command Injection in Fortinet Fortisiem
CVE-2024-23108 POC Proof of concept exploit to blindly...
10CVSS
8AI Score
0.001EPSS
github.com/huandu/facebook is vulnerable to an Information Disclosure vulnerability. The vulnerability is due to the access_token being exposed in error messages upon failing HTTP requests, which could allow an attacker with log access to obtain sensitive access tokens by exploiting error messages....
3.7CVSS
6.4AI Score
0.0004EPSS
Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : FRR vulnerabilities (USN-6794-1)
The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6794-1 advisory. It was discovered that FRR incorrectly handled certain malformed BGP and OSPF packets. A remote attacker could use this issue to...
8.3AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Git vulnerabilities (USN-6793-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6793-1 advisory. It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to...
9CVSS
7.5AI Score
0.001EPSS
Foxit Reader Updater improper certificate validation privilege escalation vulnerability
Talos Vulnerability Report TALOS-2024-1989 Foxit Reader Updater improper certificate validation privilege escalation vulnerability May 28, 2024 CVE Number CVE-2024-29072 SUMMARY A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper....
8.2CVSS
7.6AI Score
0.0004EPSS
libigl readNODE out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-1930 libigl readNODE out-of-bounds write vulnerability May 28, 2024 CVE Number CVE-2024-22181 SUMMARY An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write.....
7.8CVSS
7.5AI Score
0.001EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Unbound vulnerability (USN-6791-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6791-1 advisory. It was discovered that Unbound could take part in a denial of service amplification attack known as DNSBomb. This update...
6.9AI Score
0.0004EPSS
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Flask-Security vulnerability (USN-6792-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6792-1 advisory. Naom Moshe discovered that Flask-Security incorrectly validated URLs. An attacker could use this issue to redirect users to arbitrary...
6.1CVSS
7.1AI Score
0.001EPSS
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6787-1 advisory. It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by....
5.4CVSS
6.1AI Score
0.0004EPSS
Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : WebKitGTK vulnerabilities (USN-6788-1)
The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6788-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious...
6.8AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS : Netatalk vulnerabilities (USN-6786-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6786-1 advisory. It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to ...
10CVSS
7.6AI Score
0.007EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : LibreOffice vulnerability (USN-6789-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6789-1 advisory. Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into...
7.2AI Score
0.0004EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : amavisd-new vulnerability (USN-6790-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6790-1 advisory. It was discovered that amavisd-new incorrectly handled certain MIME email messages with multiple boundary parameters. A remote...
7.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi->txq_map sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi->txq_map's size is...
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...
6.3AI Score
0.0004EPSS
Debian dla-3823 : less - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3823 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3823-1 [email protected] ...
7.7AI Score
0.0004EPSS
Ubuntu 24.04 LTS : python-cryptography vulnerability (USN-6673-3)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6673-3 advisory. USN-6673-1 provided a security update for python-cryptography. This update provides the corresponding update for Ubuntu 24.04 LTS. Original advisory details: ...
7.5CVSS
7.5AI Score
0.0004EPSS
Fedora: Security Advisory for rust-uu_vdir (FEDORA-2024-ce2936b568)
The remote host is missing an update for...
7.5AI Score
8.8CVSS
7.3AI Score
0.008EPSS
Domainim - A Fast And Comprehensive Tool For Organizational Network Scanning
Domainim is a fast domain reconnaissance tool for organizational network scanning. The tool aims to provide a brief overview of an organization's structure using techniques like OSINT, bruteforcing, DNS resolving etc. Features Current features (v1.0.1)- - Subdomain enumeration (2 engines +...
7.8AI Score
7.3AI Score
Debian dla-3821 : fonts-opensymbol - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3821 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3821-1 [email protected] ...
7.1AI Score
0.0004EPSS
JA4+ - Suite Of Network Fingerprinting Standards
JA4+ is a suite of network Fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session.....
7AI Score
Wordpress Hash Form – Drag & Drop Form Builder <= 1.1.0 -...
9.8CVSS
8.5AI Score
0.035EPSS
Debian dla-3819 : fossil - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3819 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3819-1 [email protected] ...
6.7AI Score
0.0004EPSS
Debian dla-3818 : apache2 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3818 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3818-1 [email protected] ...
7.5CVSS
7.5AI Score
0.01EPSS
Debian dla-3820 : bluetooth - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3820 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3820-1 [email protected] ...
7.1CVSS
7.3AI Score
0.001EPSS
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version...
3.7CVSS
4.1AI Score
0.0004EPSS
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version...
3.7CVSS
6.6AI Score
0.0004EPSS
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version...
3.7CVSS
6.5AI Score
0.0004EPSS
CVE-2024-35232 github.com/huandu/facebook may expose access_token in error message
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version...
3.7CVSS
4AI Score
0.0004EPSS
CVE-2024-35232 github.com/huandu/facebook may expose access_token in error message
github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP request. This issue has been patched in version...
3.7CVSS
6.8AI Score
0.0004EPSS
github.com/huandu/facebook may expose access_token in error message.
Summary access_token can be exposed in error message on fail in HTTP request. Details Using this module, when HTTP request fails, error message can contain access_token. This can be happen when: - module is sending HTTP request with query parameter ?access_token=.... - and HTTP request fails...
3.7CVSS
6.9AI Score
0.0004EPSS
github.com/huandu/facebook may expose access_token in error message.
Summary access_token can be exposed in error message on fail in HTTP request. Details Using this module, when HTTP request fails, error message can contain access_token. This can be happen when: - module is sending HTTP request with query parameter ?access_token=.... - and HTTP request fails...
3.7CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi->txq_map sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi->txq_map's size is...
6.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Disable Tx queues when reconfiguring the interface The Tx queues were not disabled in situations where the driver needed to stop the interface to apply a new configuration. This could result in a kernel panic when...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi->txq_map sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi->txq_map's size is...
6.2AI Score
0.0004EPSS