RHEL 6 : freerdp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. freerdp: Out-of-bounds write in nsc_rle_decode() function (CVE-2018-8788) freerdp: Integer Overflow...
8.8AI Score
0.1EPSS
RHEL 6 : openjpeg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openjpeg: Stack-buffer overflow in the pgxtoimage function (CVE-2017-17479) openjpeg: heap-based buffer...
9.1AI Score
0.087EPSS
RHEL 7 : etcd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. etcd: Cross-site request forgery via crafted local POST forms (CVE-2018-1098) etcd: Information...
7.6AI Score
0.003EPSS
RHEL 5 : libdb (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libdb: Reads DB_CONFIG from the current working directory (CVE-2017-10140) Vulnerability in the Data...
6AI Score
0.001EPSS
RHEL 7 : openjpeg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openjpeg: Stack-buffer overflow in the pgxtoimage function (CVE-2017-17479) openjpeg: heap-based buffer...
9.1AI Score
0.087EPSS
RHEL 6 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel: lack of port...
8.7AI Score
EPSS
RHEL 6 : mozilla (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) Mozilla:...
9.7AI Score
0.38EPSS
RHEL 6 : openssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssl: the c_rehash script allows command injection (CVE-2022-2068) Integer overflow in the...
9.2AI Score
0.895EPSS
RHEL 6 : libdb (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libdb: Reads DB_CONFIG from the current working directory (CVE-2017-10140) Vulnerability in the Data...
5.1AI Score
0.001EPSS
RHEL 6 : pyopenssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. pyOpenSSL: Failure to release memory before removing last reference in PKCS #12 Store (CVE-2018-1000808) Note that...
6AI Score
0.003EPSS
CVE-2024-4213 Shopping Cart & eCommerce Store <= 5.6.4 - Sensitive Information Exposure
The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.4 via the order report functionality. This makes it possible for unauthenticated attackers to extract sensitive data including order details such as...
5.3CVSS
6.7AI Score
0.0005EPSS
CVE-2024-4213 Shopping Cart & eCommerce Store <= 5.6.4 - Sensitive Information Exposure
The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.4 via the order report functionality. This makes it possible for unauthenticated attackers to extract sensitive data including order details such as...
5.3CVSS
6.5AI Score
0.0005EPSS
Updated glibc packages fix security vulnerabilities
Stack-based buffer overflow in netgroup cache: If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. (CVE-2024-33599) Null pointer crashes after notfound response:...
7.9AI Score
0.0004EPSS
Sylius is an open source eCommerce platform. Prior to 1.12.16 and 1.13.1, there is a possibility to execute javascript code in the Admin panel. In order to perform an XSS attack input a script into Name field in which of the resources: Taxons, Products, Product Options or Product Variants. The...
6.1CVSS
6.2AI Score
0.0004EPSS
Shopping Cart & eCommerce Store < 5.6.5 - Sensitive Information Exposure
Description The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.4 via the order report functionality. This makes it possible for unauthenticated attackers to extract sensitive data including order...
5.3CVSS
6.3AI Score
0.0005EPSS
RHCOS 4 : OpenShift Container Platform 4.14.24 (RHSA-2024:2672)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2672 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of...
8.6CVSS
7.6AI Score
0.0005EPSS
Genie Path Traversal vulnerability via File Uploads
Overview Path Traversal Vulnerability via File Uploads in Genie Impact Any Genie OSS users running their own instance and relying on the filesystem to store file attachments submitted to the Genie application may be impacted. Using this technique, it is possible to write a file with any...
9.9CVSS
7.2AI Score
0.0004EPSS
Genie Path Traversal vulnerability via File Uploads
Overview Path Traversal Vulnerability via File Uploads in Genie Impact Any Genie OSS users running their own instance and relying on the filesystem to store file attachments submitted to the Genie application may be impacted. Using this technique, it is possible to write a file with any...
9.9CVSS
7.5AI Score
0.0004EPSS
The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the 'porto_portfolios' shortcode 'portfolio_layout' attribute. This makes it possible for authenticated attackers, with contributor-level and above...
8.8CVSS
9.4AI Score
0.001EPSS
The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.9 via the 'slideshow_type' post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...
8.8CVSS
9.4AI Score
0.001EPSS
The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the 'porto_portfolios' shortcode 'portfolio_layout' attribute. This makes it possible for authenticated attackers, with contributor-level and above...
8.8CVSS
7.6AI Score
0.001EPSS
CVE-2024-3806 Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'porto_ajax_posts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in.....
9.8CVSS
10AI Score
0.001EPSS
CVE-2024-3806 Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'porto_ajax_posts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in.....
9.8CVSS
7.9AI Score
0.001EPSS
The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the General widget in all versions up to, and including, 3.14.3 due to insufficient input sanitization and output escaping. This...
6.4CVSS
6AI Score
0.0004EPSS
The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the General widget in all versions up to, and including, 3.14.3 due to insufficient input sanitization and output escaping. This...
6.4CVSS
5.8AI Score
0.0004EPSS
CVE-2024-3807 Porto <= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via 'porto_page_header_shortcode_type', 'slideshow_type' and 'post_layout' post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to....
8.8CVSS
9.1AI Score
0.001EPSS
CVE-2024-3807 Porto <= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via 'porto_page_header_shortcode_type', 'slideshow_type' and 'post_layout' post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to....
8.8CVSS
7.6AI Score
0.001EPSS
With this new offering, Qualys establishes itself as the first and only vendor solution with the unique ability to scan AWS Bottlerocket instances directly using the Qualys Cloud Agent and TotalCloud Agent-less Snapshot-Based Scan. This innovative capability empowers organizations to...
7.6AI Score
CVE-2024-27397 netfilter: nf_tables: use timestamp to check for set element timeout
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to...
6.6AI Score
0.0004EPSS
CVE-2024-27397 netfilter: nf_tables: use timestamp to check for set element timeout
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to...
6.7AI Score
0.0004EPSS
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow
Summary The WriteBind() method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This causes Npgsql to write a message size that is....
8.1CVSS
7.3AI Score
0.0005EPSS
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow
Summary The WriteBind() method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This causes Npgsql to write a message size that is....
8.1CVSS
7.6AI Score
0.0005EPSS
CVE-2024-32655 Npgsql Vulnerable to SQL Injection via Protocol Message Size Overflow
Npgsql is the .NET data provider for PostgreSQL. The WriteBind() method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This...
8.1CVSS
7.5AI Score
0.0005EPSS
CVE-2024-32655 Npgsql Vulnerable to SQL Injection via Protocol Message Size Overflow
Npgsql is the .NET data provider for PostgreSQL. The WriteBind() method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This...
8.1CVSS
8.4AI Score
0.0005EPSS
Deserialization of Untrusted Data vulnerability in BdThemes Ultimate Store Kit Elementor Addons.This issue affects Ultimate Store Kit Elementor Addons: from n/a through...
5.4CVSS
6.2AI Score
0.0004EPSS
Deserialization of Untrusted Data vulnerability in BdThemes Ultimate Store Kit Elementor Addons.This issue affects Ultimate Store Kit Elementor Addons: from n/a through...
5.4CVSS
6.9AI Score
0.0004EPSS
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1592)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we...
7.8CVSS
7AI Score
0.011EPSS
AlmaLinux 8 : git-lfs (ALSA-2024:2699)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:2699 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK...
7.3AI Score
0.0004EPSS
AlmaLinux 9 : git-lfs (ALSA-2024:2724)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:2724 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining...
8AI Score
0.0004EPSS
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1570)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we...
7.8CVSS
7AI Score
0.011EPSS
Rocky Linux 8 : git-lfs (RLSA-2024:2699)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2699 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK...
7.3AI Score
0.0004EPSS
Oracle Linux 8 : git-lfs (ELSA-2024-2699)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2699 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK...
7.1AI Score
0.0004EPSS
PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems. PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using...
7AI Score
Sylpheed email credential gatherer
PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems. PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using...
7AI Score
The Fundamentals of Cloud Security Stress Testing
״Defenders think in lists, attackers think in graphs," said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who defend IT systems and those who try to compromise them. The traditional approach for defenders is to list security gaps directly related to...
7.4AI Score
Oracle Linux 9 : golang (ELSA-2024-2562)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2562 advisory. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or...
7.5CVSS
7.9AI Score
0.0005EPSS
Halloy IRC credential gatherer
PackRat is a post-exploitation module that gathers file and information artifacts from end users' systems. PackRat searches for and downloads files of interest (such as config files, and received and deleted emails) and extracts information (such as contacts and usernames and passwords), using...
7AI Score
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy...
5.1CVSS
6.8AI Score
0.0004EPSS
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy...
5.1CVSS
5.3AI Score
0.0004EPSS
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy...
5.1CVSS
5.6AI Score
0.0004EPSS