Lucene search

K

Sermon'e – Sermons Online Security Vulnerabilities

ubuntucve
ubuntucve

CVE-2024-35989

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback is invoked as part of the clean up process. However, on systems with only one CPU online, no valid...

6.5AI Score

0.0004EPSS

2024-05-20 12:00 AM
nessus
nessus

FreeBSD : electron29 -- setuid() does not affect libuv's internal io_uring (a431676c-f86c-4371-b48a-b7d2b0bec3a3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a431676c-f86c-4371-b48a-b7d2b0bec3a3 advisory. setuid() does not affect libuv's internal io_uring operations if initialized before the call to...

7.3CVSS

7.2AI Score

0.0004EPSS

2024-05-18 12:00 AM
1
nessus
nessus

FreeBSD : Arti -- Security issues related to circuit construction (f393b5a7-1535-11ef-8064-c5610a6efffb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f393b5a7-1535-11ef-8064-c5610a6efffb advisory. In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards),...

7.5AI Score

EPSS

2024-05-18 12:00 AM
2
nessus
nessus

FreeBSD : OpenSSL -- Denial of Service vulnerability (b88aa380-1442-11ef-a490-84a93843eb75)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b88aa380-1442-11ef-a490-84a93843eb75 advisory. Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: ...

7.4AI Score

0.0004EPSS

2024-05-18 12:00 AM
10
impervablog
impervablog

The Importance of Bot Management in Your Marketing Strategy

Marketing teams need a comprehensive bot management solution to address the challenges posed by bot traffic and protect marketing analytics. Bot management is designed to protect marketing efforts from bot-generated invalid traffic by accurately and efficiently classifying traffic and stopping...

7AI Score

2024-05-17 11:33 PM
6
nvd
nvd

CVE-2024-5069

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Mens Salon Management System 1.0. Affected by this issue is some unknown functionality of the file view_service.php. The manipulation of the argument id leads to sql injection. The attack may be...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 PM
1
cve
cve

CVE-2024-5069

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Mens Salon Management System 1.0. Affected by this issue is some unknown functionality of the file view_service.php. The manipulation of the argument id leads to sql injection. The attack may be...

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-17 09:15 PM
26
vulnrichment
vulnrichment

CVE-2024-5069 SourceCodester Simple Online Mens Salon Management System view_service.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Mens Salon Management System 1.0. Affected by this issue is some unknown functionality of the file view_service.php. The manipulation of the argument id leads to sql injection. The attack may be...

6.3CVSS

7.3AI Score

0.0004EPSS

2024-05-17 09:00 PM
2
cvelist
cvelist

CVE-2024-5069 SourceCodester Simple Online Mens Salon Management System view_service.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Mens Salon Management System 1.0. Affected by this issue is some unknown functionality of the file view_service.php. The manipulation of the argument id leads to sql injection. The attack may be...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:00 PM
nvd
nvd

CVE-2024-5065

A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.3CVSS

7.6AI Score

0.0004EPSS

2024-05-17 08:15 PM
nvd
nvd

CVE-2024-5066

A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 08:15 PM
cve
cve

CVE-2024-5066

A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched...

6.3CVSS

7.4AI Score

0.0004EPSS

2024-05-17 08:15 PM
25
cve
cve

CVE-2024-5065

A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.3CVSS

7.4AI Score

0.0004EPSS

2024-05-17 08:15 PM
25
cvelist
cvelist

CVE-2024-5066 PHPGurukul Online Course Registration System pincode-verification.php sql injection

A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-17 08:00 PM
cvelist
cvelist

CVE-2024-5065 PHPGurukul Online Course Registration System sql injection

A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.3CVSS

7.6AI Score

0.0004EPSS

2024-05-17 08:00 PM
vulnrichment
vulnrichment

CVE-2024-5065 PHPGurukul Online Course Registration System sql injection

A vulnerability classified as critical has been found in PHPGurukul Online Course Registration System 3.1. Affected is an unknown function of the file /onlinecourse/. The manipulation of the argument regno leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.3CVSS

7.4AI Score

0.0004EPSS

2024-05-17 08:00 PM
cve
cve

CVE-2024-5064

A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has.....

7.3CVSS

7.3AI Score

0.0004EPSS

2024-05-17 07:15 PM
26
nvd
nvd

CVE-2024-5064

A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has.....

7.3CVSS

7.5AI Score

0.0004EPSS

2024-05-17 07:15 PM
nvd
nvd

CVE-2024-5063

A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely....

7.3CVSS

7.5AI Score

0.0004EPSS

2024-05-17 07:15 PM
cve
cve

CVE-2024-5063

A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely....

7.3CVSS

7.5AI Score

0.0004EPSS

2024-05-17 07:15 PM
26
vulnrichment
vulnrichment

CVE-2024-5064 PHPGurukul Online Course Registration System news-details.php sql injection

A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has.....

7.3CVSS

7.3AI Score

0.0004EPSS

2024-05-17 06:31 PM
cvelist
cvelist

CVE-2024-5064 PHPGurukul Online Course Registration System news-details.php sql injection

A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has.....

7.3CVSS

7.5AI Score

0.0004EPSS

2024-05-17 06:31 PM
cvelist
cvelist

CVE-2024-5063 PHPGurukul Online Course Registration System index.php sql injection

A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely....

7.3CVSS

7.5AI Score

0.0004EPSS

2024-05-17 06:31 PM
vulnrichment
vulnrichment

CVE-2024-5063 PHPGurukul Online Course Registration System index.php sql injection

A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely....

7.3CVSS

7.5AI Score

0.0004EPSS

2024-05-17 06:31 PM
hackread
hackread

Breach Forums Admin ShinyHunters Claims Domain Reclaimed from FBI

By Waqas Breach Forums, a notorious cybercrime hub, could be back online with the same domain even after the FBI seizure. Hackers claim to have regained access to the clear web domain, while the dark web version remains in a tug-of-war. This is a post from HackRead.com Read the original post:...

7.2AI Score

2024-05-17 03:45 PM
7
cve
cve

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted...

7.7AI Score

EPSS

2024-05-17 02:15 PM
25
nvd
nvd

CVE-2024-34919

An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted...

7.4AI Score

EPSS

2024-05-17 02:15 PM
cve
cve

CVE-2024-5046

A vulnerability was found in SourceCodester Online Examination System 1.0. It has been rated as critical. This issue affects some unknown processing of the file registeracc.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has...

7.3CVSS

7.3AI Score

0.0004EPSS

2024-05-17 01:15 PM
23
nvd
nvd

CVE-2024-5046

A vulnerability was found in SourceCodester Online Examination System 1.0. It has been rated as critical. This issue affects some unknown processing of the file registeracc.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-05-17 01:15 PM
cve
cve

CVE-2024-5045

A vulnerability was found in SourceCodester Online Birth Certificate Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin. The manipulation leads to files or directories accessible. The attack can be initiated remotely. The exploit.....

5.3CVSS

7AI Score

0.0004EPSS

2024-05-17 01:15 PM
24
nvd
nvd

CVE-2024-5045

A vulnerability was found in SourceCodester Online Birth Certificate Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin. The manipulation leads to files or directories accessible. The attack can be initiated remotely. The exploit.....

5.3CVSS

5.4AI Score

0.0004EPSS

2024-05-17 01:15 PM
cvelist
cvelist

CVE-2024-5046 SourceCodester Online Examination System registeracc.php sql injection

A vulnerability was found in SourceCodester Online Examination System 1.0. It has been rated as critical. This issue affects some unknown processing of the file registeracc.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-05-17 01:00 PM
cvelist
cvelist

CVE-2024-5045 SourceCodester Online Birth Certificate Management System admin file access

A vulnerability was found in SourceCodester Online Birth Certificate Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin. The manipulation leads to files or directories accessible. The attack can be initiated remotely. The exploit.....

5.3CVSS

5.4AI Score

0.0004EPSS

2024-05-17 12:31 PM
1
vulnrichment
vulnrichment

CVE-2024-5045 SourceCodester Online Birth Certificate Management System admin file access

A vulnerability was found in SourceCodester Online Birth Certificate Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin. The manipulation leads to files or directories accessible. The attack can be initiated remotely. The exploit.....

5.3CVSS

7.1AI Score

0.0004EPSS

2024-05-17 12:31 PM
1
nvd
nvd

CVE-2023-51479

Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
cve
cve

CVE-2023-51479

Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through...

8.8CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
34
thn
thn

Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea's Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations. The backdoor, codenamed Gomir,...

8.1AI Score

2024-05-17 08:46 AM
1
cvelist
cvelist

CVE-2023-51479 WordPress Build App Online plugin <= 1.0.19 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-05-17 08:43 AM
vulnrichment
vulnrichment

CVE-2023-51479 WordPress Build App Online plugin <= 1.0.19 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through...

8.8CVSS

7AI Score

0.0004EPSS

2024-05-17 08:43 AM
talosblog
talosblog

Rounding up some of the major headlines from RSA

While I one day wish to make it to the RSA Conference in person, I've never had the pleasure of making the trek to San Francisco for one of the largest security conferences in the U.S. Instead, I had to watch from afar and catch up on the internet every day like the common folk. This at least...

7.8CVSS

7.6AI Score

0.001EPSS

2024-05-16 06:00 PM
8
wordfence
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 184 vulnerabilities disclosed in 146...

10CVSS

9.5AI Score

EPSS

2024-05-16 01:04 PM
23
ics
ics

GE Healthcare Ultrasound Products (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: low attack complexity Vendor: GE Healthcare Equipment: Ultrasound Products Vulnerability: Protection Mechanism Failure, Incorrect User Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with...

7.4CVSS

7AI Score

0.001EPSS

2024-05-16 12:00 PM
44
ics
ics

Siemens SIMATIC RTLS Locating Manager

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....

10CVSS

9.2AI Score

0.009EPSS

2024-05-16 12:00 PM
11
malwarebytes
malwarebytes

Scammers can easily phish your multi-factor authentication codes. Here&#8217;s how to avoid it

More and more websites and services are making multi-factor-authentication (MFA) mandatory, which makes it much harder for cybercriminals to access your accounts. That's a great thing. But as security evolves, so do cybercriminals who are always looking for new ways to scam us. A type of phishing.....

7.5AI Score

2024-05-16 11:45 AM
9
cve
cve

CVE-2024-4223

The Tutor LMS plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.7.0. This makes it possible for unauthenticated attackers to add, modify, or delete...

9.8CVSS

6.6AI Score

0.001EPSS

2024-05-16 09:15 AM
26
cve
cve

CVE-2024-4946

A vulnerability was found in SourceCodester Online Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/adminHome.php. The manipulation of the argument sliderpic leads to unrestricted upload. The attack...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-16 06:15 AM
23
nvd
nvd

CVE-2024-4946

A vulnerability was found in SourceCodester Online Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/adminHome.php. The manipulation of the argument sliderpic leads to unrestricted upload. The attack...

6.3CVSS

6.5AI Score

0.0004EPSS

2024-05-16 06:15 AM
cve
cve

CVE-2024-4318

The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the ‘question_id’ parameter in versions up to, and including, 2.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for.....

8.8CVSS

7.1AI Score

0.001EPSS

2024-05-16 06:15 AM
26
cve
cve

CVE-2024-4279

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key. This can allow....

6.5CVSS

6.5AI Score

0.001EPSS

2024-05-16 06:15 AM
24
nvd
nvd

CVE-2024-4279

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference to Arbitrary Course Deletion in versions up to, and including, 2.7.0 via the 'tutor_course_delete' function due to missing validation on a user controlled key. This can allow....

6.5CVSS

6.6AI Score

0.001EPSS

2024-05-16 06:15 AM
Total number of security vulnerabilities42683