The Chirp Access app contains a hard-coded password, BEACON_PASSWORD. An attacker within Bluetooth range could change configuration settings within the Bluetooth beacon, effectively disabling the application's ability to notify users when they are near a Beacon-enabled access point. This variable.....
4.3CVSS
4.5AI Score
0.0004EPSS
Description The Specific Content For Mobile – Customize the mobile version without redirections plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 0.1.9.5 due to insufficient input sanitization and output escaping. This makes it possible for...
7.1CVSS
6.4AI Score
0.0004EPSS
CVE-2024-2197 Chirp Systems Chirp Access Use of Hard-coded Password
The Chirp Access app contains a hard-coded password, BEACON_PASSWORD. An attacker within Bluetooth range could change configuration settings within the Bluetooth beacon, effectively disabling the application's ability to notify users when they are near a Beacon-enabled access point. This variable.....
4.3CVSS
4.9AI Score
0.0004EPSS
CVE-2024-2197 Chirp Systems Chirp Access Use of Hard-coded Password
The Chirp Access app contains a hard-coded password, BEACON_PASSWORD. An attacker within Bluetooth range could change configuration settings within the Bluetooth beacon, effectively disabling the application's ability to notify users when they are near a Beacon-enabled access point. This variable.....
4.3CVSS
6.8AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jose Mortellaro Specific Content For Mobile – Customize the mobile version without redirections allows Reflected XSS.This issue affects Specific Content For Mobile – Customize the mobile version...
7.1CVSS
6.9AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jose Mortellaro Specific Content For Mobile – Customize the mobile version without redirections allows Reflected XSS.This issue affects Specific Content For Mobile – Customize the mobile version...
7.1CVSS
9.3AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jose Mortellaro Specific Content For Mobile – Customize the mobile version without redirections allows Reflected XSS.This issue affects Specific Content For Mobile – Customize the mobile version...
7.1CVSS
7.1AI Score
0.0004EPSS
Store manager admits SIM swapping his customers
A 42-year-old manager at an unnamed telecommunications company has admitted SIM swapping customers at his store. SIM swapping, also known as SIM jacking, is the act of illegally taking over a target’s cell phone number and re-routing it to a phone under the attacker's control. Once an attacker has....
7.3AI Score
Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux - Linux kernel linux-bluefield - Linux kernel for NVIDIA BlueField platforms linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems linux-gkeop - Linux kernel for Google Container Engine (GKE) systems linux-hwe-5.4 - Linux...
7.8CVSS
7.3AI Score
0.002EPSS
Top 6 Data Breaches That Cost Millions
“If you put a key under the mat for the cops, a burglar can find it, too. Criminals are using every technology tool at their disposal to hack into people’s accounts. If they know there’s a key hidden somewhere, they won’t stop until they find it.” - Tim Cook, CEO of Apple Inc. The entire digital...
6.7AI Score
7.4AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4Shell Vulnerable Application(l4s-vulnapp) This is a...
9AI Score
Uncontrolled Resource Consumption in Mattermost Mobile versions before 2.13.0 fails to limit the size of the code block that will be processed by the syntax highlighter, allowing an attacker to send a very large code block and crash the mobile...
3.5CVSS
4.1AI Score
0.0004EPSS
Uncontrolled Resource Consumption in Mattermost Mobile versions before 2.13.0 fails to limit the size of the code block that will be processed by the syntax highlighter, allowing an attacker to send a very large code block and crash the mobile...
3.5CVSS
6.9AI Score
0.0004EPSS
CVE-2024-24975 Denial of Service for mobile app users due to automatic code highlighting
Uncontrolled Resource Consumption in Mattermost Mobile versions before 2.13.0 fails to limit the size of the code block that will be processed by the syntax highlighter, allowing an attacker to send a very large code block and crash the mobile...
3.5CVSS
4.5AI Score
0.0004EPSS
Webinar recap: 6 critical cyberthreats in 2024 and how to counter them
Our webinar on the 2024 State of Malware report is now available on-demand. Featuring cybersecurity experts Mark Stockley and Jérôme Segura, this webinar unpacks 2024’s most critical cyberthreats, including big game ransomware, malvertising, and emerging challenges to mobile and Mac security. Key.....
7.4AI Score
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
9.8CVSS
9.6AI Score
0.303EPSS
Siemens Sinteso EN Cerberus PRO EN Fire Protection Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
10CVSS
8.9AI Score
0.001EPSS
Microsoft Edge for Android (CVE-2024-26167)
An spoofing vulnerability exists in Microsoft Edge for Android. An unauthenticated, remote attacker can exploit this to trick end users into potentially revealing sensitive information. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported...
4.3CVSS
7.1AI Score
0.0005EPSS
IBM Maximo Application Suite - Maximo Mobile for EAM 8.10 and 8.11 could disclose sensitive information to a local user. IBM X-Force ID: ...
5.1CVSS
4.9AI Score
0.0004EPSS
IBM Maximo Application Suite - Maximo Mobile for EAM 8.10 and 8.11 could disclose sensitive information to a local user. IBM X-Force ID: ...
5.1CVSS
4.8AI Score
0.0004EPSS
IBM Maximo Application Suite - Maximo Mobile for EAM 8.10 and 8.11 could disclose sensitive information to a local user. IBM X-Force ID: ...
5.1CVSS
4.8AI Score
0.0004EPSS
CVE-2023-43043 IBM Maximo Application Suite information disclosure
IBM Maximo Application Suite - Maximo Mobile for EAM 8.10 and 8.11 could disclose sensitive information to a local user. IBM X-Force ID: ...
5.1CVSS
5AI Score
0.0004EPSS
The State of Stalkerware in 2023–2024
The State of Stalkerware in 2023 (PDF) The annual Kaspersky State of Stalkerware report aims to contribute to awareness and a better understanding of how people around the world are impacted by digital stalking. Stalkerware is commercially available software that can be discreetly installed on...
6.8AI Score
Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws
Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical,.....
9.8CVSS
8.2AI Score
0.005EPSS
Intel 2024.1 IPU - BIOS March 2024 Security Updates
Intel has informed HP of potential security vulnerabilities identified in some Intel® Processors and/or BIOS Firmware for some Intel® Processors which may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing firmware updates to mitigate this potential...
7.2CVSS
7.8AI Score
0.001EPSS
7.4AI Score
Siemens Sinteso EN and Cerberus PRO EN Fire Protection Systems Stack Buffer Overflow Vulnerability
Cerberus PRO EN is a fire protection system consisting of fire panels, detection and management stations. It is available to Siemens partners and complies with the European standard EN 54 for fire detection and alarm systems. Sinteso EN is a fire protection system consisting of fire panels,...
10CVSS
7.8AI Score
0.001EPSS
Intel 2024.1 IPU - Chipset Software March 2024 Security Update
Intel has informed HP of potential security vulnerabilities in the Intel® Converged Security Management Engine (CSME) installer and Intel® Local Manageability Service software which may allow escalation of privilege or information disclosure. Intel is releasing updates to mitigate these potential.....
6.7CVSS
7.6AI Score
0.0004EPSS
Siemens Sinteso EN and Cerberus PRO EN Fire Protection Systems Buffer Overflow Vulnerability
Cerberus PRO EN is a fire protection system consisting of fire panels, detection and management stations. It is available to Siemens partners and complies with the European standard EN 54 for fire detection and alarm systems. Sinteso EN is a fire protection system consisting of fire panels,...
7.5CVSS
7.3AI Score
0.0004EPSS
7.4AI Score
Siemens Sinteso EN and Cerberus PRO EN Fire Protection Systems Out-of-Bounds Read Vulnerability
Cerberus PRO EN is a fire protection system consisting of fire panels, detection and management stations. It is available to Siemens partners and complies with the European standard EN 54 for fire detection and alarm systems. Sinteso EN is a fire protection system consisting of fire panels,...
7.5CVSS
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMAL ZONE_DEVICE...
7.3AI Score
0.0004EPSS
Summary IBM Maximo Mobile for EAM could disclose sensitive information to a local user. Vulnerability Details ** CVEID: CVE-2023-43043 DESCRIPTION: **IBM Maximo Application Suite - Maximo Mobile for EAM could disclose sensitive information to a local user. CVSS Base score: 5.1 CVSS Temporal...
5.1CVSS
6.2AI Score
0.0004EPSS
Schneider Electric EcoStruxure Power Design
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low Attack Complexity Vendor: Schneider Electric Equipment: EcoStruxure Power Design Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability may allow for arbitrary code execution. 3....
7.8CVSS
7.8AI Score
0.001EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution...
7.5CVSS
8AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution...
7.5CVSS
7.4AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.66...
10CVSS
9.6AI Score
0.001EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.66...
9.8CVSS
9.7AI Score
0.001EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution...
7.5CVSS
7.5AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution...
7.5CVSS
8.1AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution (All versions < V4.3.5617), Sinteso...
7.5CVSS
7.4AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution (All versions < V4.3.5617), Sinteso...
7.5CVSS
7.2AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x (All versions < IP8), Cerberus PRO EN X200 Cloud Distribution (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution (All versions < V4.2.5015), Si...
10CVSS
9.5AI Score
0.001EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution...
7.5CVSS
7.6AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution...
7.5CVSS
6.9AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution...
7.5CVSS
7AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution...
7.5CVSS
7.7AI Score
0.0004EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.66...
10CVSS
9.8AI Score
0.001EPSS
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.66...
10CVSS
7.5AI Score
0.001EPSS