Lucene search

K

Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Security Vulnerabilities

thn
thn

Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan

Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile...

7AI Score

2024-06-15 09:51 AM
12
nvd
nvd

CVE-2023-6696

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 4.3.1. While some functions contain a nonce check,....

8.1CVSS

0.001EPSS

2024-06-15 02:15 AM
3
cve
cve

CVE-2024-2544

The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on all AJAX actions. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform multiple unauthorized actions,...

7.4CVSS

7AI Score

0.0004EPSS

2024-06-15 02:15 AM
2
cve
cve

CVE-2023-6696

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 4.3.1. While some functions contain a nonce check,....

8.1CVSS

8AI Score

0.001EPSS

2024-06-15 02:15 AM
3
cvelist
cvelist

CVE-2023-6696 Popup Builder – Create highly converting, mobile friendly marketing popups <= 4.3.1 - Missing Authorization and Nonce Exposure

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 4.3.1. While some functions contain a nonce check,....

8.1CVSS

0.001EPSS

2024-06-15 02:02 AM
2
nvd
nvd

CVE-2024-6003

A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. It has been classified as critical. Affected is an unknown function of the file /api/v2/maps. The manipulation of the argument orderColumn leads to sql injection. It is possible to launch the...

7.3CVSS

0.0004EPSS

2024-06-14 10:15 PM
3
cve
cve

CVE-2024-6003

A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. It has been classified as critical. Affected is an unknown function of the file /api/v2/maps. The manipulation of the argument orderColumn leads to sql injection. It is possible to launch the...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-06-14 10:15 PM
18
cvelist
cvelist

CVE-2024-6003 Guangdong Baolun Electronics IP Network Broadcasting Service Platform maps sql injection

A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. It has been classified as critical. Affected is an unknown function of the file /api/v2/maps. The manipulation of the argument orderColumn leads to sql injection. It is possible to launch the...

7.3CVSS

0.0004EPSS

2024-06-14 09:31 PM
3
malwarebytes
malwarebytes

Truist bank confirms data breach

On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name "Sp1d3r" offered a significant amount of data allegedly stolen from Truist Bank for sale. Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets,....

7.7AI Score

2024-06-14 04:29 PM
5
nvd
nvd

CVE-2024-37643

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth...

0.0004EPSS

2024-06-14 04:15 PM
2
cve
cve

CVE-2024-37642

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck...

8AI Score

0.0004EPSS

2024-06-14 04:15 PM
10
nvd
nvd

CVE-2024-37645

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog...

0.0004EPSS

2024-06-14 04:15 PM
1
nvd
nvd

CVE-2024-37642

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck...

0.0004EPSS

2024-06-14 04:15 PM
2
cve
cve

CVE-2024-37641

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at...

7.9AI Score

0.0004EPSS

2024-06-14 04:15 PM
9
cve
cve

CVE-2024-37643

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth...

7.9AI Score

0.0004EPSS

2024-06-14 04:15 PM
10
cve
cve

CVE-2024-37645

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog...

7.9AI Score

0.0004EPSS

2024-06-14 04:15 PM
11
nvd
nvd

CVE-2024-37641

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at...

0.0004EPSS

2024-06-14 04:15 PM
1
nvd
nvd

CVE-2024-37644

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as...

0.0004EPSS

2024-06-14 03:15 PM
1
cve
cve

CVE-2024-37644

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as...

7.5AI Score

0.0004EPSS

2024-06-14 03:15 PM
10
cve
cve

CVE-2024-37640

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

7.9AI Score

0.0004EPSS

2024-06-14 02:15 PM
11
nvd
nvd

CVE-2024-37640

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

0.0004EPSS

2024-06-14 02:15 PM
3
cve
cve

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

7.9AI Score

0.0004EPSS

2024-06-14 02:15 PM
12
nvd
nvd

CVE-2024-37639

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function...

0.0004EPSS

2024-06-14 02:15 PM
3
nvd
nvd

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

0.0004EPSS

2024-06-14 02:15 PM
2
cve
cve

CVE-2024-37639

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function...

7.9AI Score

0.0004EPSS

2024-06-14 02:15 PM
11
thn
thn

Why Regulated Industries are Turning to Military-Grade Cyber Defenses

As cyber threats loom large and data breaches continue to pose increasingly significant risks. Organizations and industries that handle sensitive information and valuable assets make prime targets for cybercriminals seeking financial gain or strategic advantage. Which is why many highly regulated.....

7.2AI Score

2024-06-14 11:01 AM
4
thn
thn

North Korean Hackers Target Brazilian Fintech with Sophisticated Phishing Tactics

Threat actors linked to North Korea have accounted for one-third of all the phishing activity targeting Brazil since 2020, as the country's emergence as an influential power has drawn the attention of cyber espionage groups. "North Korean government-backed actors have targeted the Brazilian...

7.1AI Score

2024-06-14 06:45 AM
cvelist
cvelist

CVE-2024-37642

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck...

0.0004EPSS

2024-06-14 12:00 AM
1
ubuntucve
ubuntucve

CVE-2024-0093

NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure. Notes Author| Note ---|--- mdeslaur |.....

6.5CVSS

6.9AI Score

0.0004EPSS

2024-06-14 12:00 AM
exploitdb

7.4AI Score

0.0004EPSS

2024-06-14 12:00 AM
55
packetstorm

7.2AI Score

0.0004EPSS

2024-06-14 12:00 AM
53
cvelist
cvelist

CVE-2024-37644

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as...

0.0004EPSS

2024-06-14 12:00 AM
packetstorm

7.2AI Score

0.0004EPSS

2024-06-14 12:00 AM
54
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2019-1 advisory. The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following...

9.8CVSS

8.4AI Score

0.005EPSS

2024-06-14 12:00 AM
cvelist
cvelist

CVE-2024-37637

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

0.0004EPSS

2024-06-14 12:00 AM
cvelist
cvelist

CVE-2024-37639

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function...

0.0004EPSS

2024-06-14 12:00 AM
packetstorm

7.2AI Score

0.0004EPSS

2024-06-14 12:00 AM
54
cvelist
cvelist

CVE-2024-37643

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth...

0.0004EPSS

2024-06-14 12:00 AM
cvelist
cvelist

CVE-2024-37641

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at...

0.0004EPSS

2024-06-14 12:00 AM
cvelist
cvelist

CVE-2024-37645

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog...

0.0004EPSS

2024-06-14 12:00 AM
cvelist
cvelist

CVE-2024-37640

TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function...

0.0004EPSS

2024-06-14 12:00 AM
1
nvd
nvd

CVE-2024-5951

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...

7.1CVSS

0.0004EPSS

2024-06-13 08:15 PM
4
nvd
nvd

CVE-2024-5952

Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability......

4.3CVSS

0.0004EPSS

2024-06-13 08:15 PM
2
cve
cve

CVE-2024-5951

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...

7.1CVSS

7AI Score

0.0004EPSS

2024-06-13 08:15 PM
15
cve
cve

CVE-2024-5952

Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability......

4.3CVSS

4.5AI Score

0.0004EPSS

2024-06-13 08:15 PM
13
nvd
nvd

CVE-2024-5950

Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

8.8CVSS

0.0004EPSS

2024-06-13 08:15 PM
2
nvd
nvd

CVE-2024-5948

Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit....

8.8CVSS

0.0004EPSS

2024-06-13 08:15 PM
2
cve
cve

CVE-2024-5948

Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit....

8.8CVSS

9AI Score

0.0004EPSS

2024-06-13 08:15 PM
14
Total number of security vulnerabilities92195