Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1868)
The remote host is missing an update for the Huawei...
5.5CVSS
5.7AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1852)
The remote host is missing an update for the Huawei...
7.8CVSS
7.8AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1864)
The remote host is missing an update for the Huawei...
7.5CVSS
8.1AI Score
0.05EPSS
6.7AI Score
EPSS
7.8CVSS
8.9AI Score
EPSS
6.5CVSS
7.1AI Score
0.0005EPSS
7.1AI Score
0.0004EPSS
7AI Score
0.0004EPSS
6.7AI Score
0.0004EPSS
7.8CVSS
7.1AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
8.1CVSS
6.8AI Score
0.002EPSS
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1866)
The remote host is missing an update for the Huawei...
7.8CVSS
7.8AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1862)
The remote host is missing an update for the Huawei...
6.5CVSS
6.9AI Score
0.003EPSS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:04.openssh Security Advisory The FreeBSD Project Topic: OpenSSH pre-authentication remote code execution Category: contrib Module: openssh Announced:...
8.1CVSS
8.5AI Score
EPSS
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can...
3.6CVSS
6.9AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
7AI Score
0.0004EPSS
7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1857)
The remote host is missing an update for the Huawei...
5.5CVSS
5.7AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1869)
The remote host is missing an update for the Huawei...
5.3CVSS
5.6AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1873)
The remote host is missing an update for the Huawei...
8CVSS
8.2AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1860)
The remote host is missing an update for the Huawei...
6.8AI Score
0.0004EPSS
6.7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1851)
The remote host is missing an update for the Huawei...
7.5CVSS
8.1AI Score
0.05EPSS
9.8CVSS
7.1AI Score
0.001EPSS
6.7AI Score
0.0004EPSS
7.5CVSS
7.1AI Score
0.0004EPSS
8.1CVSS
8.4AI Score
EPSS
RHEL 8 : pki-core (RHSA-2024:4179)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4179 advisory. The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. Security Fix(es): * dogtag ca:...
7.5CVSS
7.6AI Score
0.0004EPSS
Exploit for Improper Preservation of Permissions in Mobyproject Moby
CVE-2021-41091 This exploit offers an in-depth look at the...
7.9AI Score
Polyfill.io Supply Chain Attack
The polyfill.js is a popular open-source library that supports older browsers. Thousands of sites embed it using the cdn[.]polyfill[.]io domain. In February 2024, a Chinese company (Funnull) bought the domain and the GitHub account. The company has modified Polyfill.js so malicious code would be...
7.7AI Score
SUSE SLES15 Security Update : frr (SUSE-SU-2024:2245-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2245-1 advisory. - CVE-2023-38406: Fixed nlri length of zero mishandling, aka 'flowspec overflow'. (bsc#1216900) - CVE-2023-47235: Fixed a crash on.....
9.8CVSS
7.9AI Score
0.001EPSS
Summary A cross-site request forgery vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2024-31902 DESCRIPTION: **IBM InfoSphere Information Server is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and.....
4.3CVSS
6.4AI Score
0.0004EPSS
Summary A vulnerability in Oracle MySQL Connectors used by InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-22102 DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could allow a remote attacker to cause.....
8.3CVSS
5.8AI Score
0.001EPSS
Summary Multiple vulnerabilities in Open Container Initiative runc used by IBM InfoSphere Information Server were addressed. Vulnerability Details ** CVEID: CVE-2024-21626 DESCRIPTION: **Open Container Initiative runc could allow a remote attacker to bypass security restrictions, caused by an...
8.6CVSS
7.8AI Score
0.051EPSS
Summary A cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-50964 DESCRIPTION: **IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript...
5.4CVSS
5.9AI Score
0.0004EPSS
Summary IBM WebSphere Application Server is vulnerable to cross-site scripting in the administrative console. Vulnerability Details ** CVEID: CVE-2024-35153 DESCRIPTION: **IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed...
4.8CVSS
6.2AI Score
0.0004EPSS
Summary An improper error handling vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-50953 DESCRIPTION: **IBM InfoSphere Information Server could allow a remote attacker to obtain sensitive information when a detailed technical error...
5.4CVSS
5.8AI Score
0.0004EPSS
Summary A sensitive information disclosure vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2024-35119 DESCRIPTION: **IBM InfoSphere Information Server could allow a remote attacker to obtain sensitive information when a detailed technical...
5.3CVSS
6AI Score
0.0004EPSS
Summary A code execution vulnerability in Eclipse JGit used by InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-4759 DESCRIPTION: **Eclipse JGit could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of case...
8.8CVSS
7.6AI Score
0.001EPSS
Summary Multiple vulnerabilities in OpenSSL used by IBM InfoSphere Information Server were addressed. Vulnerability Details ** CVEID: CVE-2023-3817 DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DH_check(), DH_check_ex() or EVP_PKEY_param_check()...
7.5CVSS
7.8AI Score
0.003EPSS
Summary An information exposure vulnerability in InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-50954 DESCRIPTION: **IBM InfoSphere Information Server returns sensitive information in URL information that could be used in further attacks against the system....
4.3CVSS
5.9AI Score
0.0004EPSS
Summary There are multiple vulnerabilities in IBM® WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server. These are addressed. Vulnerability Details ** CVEID: CVE-2024-27268 DESCRIPTION: **IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is...
5.9CVSS
7.7AI Score
0.0004EPSS
Summary A vulnerability in tqdm used by InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2024-34062 DESCRIPTION: **tqdm could allow a local authenticated attacker to execute arbitrary code on the system, caused by a CLI arguments injection . By sending a specially...
4.8CVSS
5.6AI Score
0.0004EPSS
Summary An insecure authorization vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-35022 DESCRIPTION: **IBM InfoSphere Information Server could allow a local user to update projects that they do not have the authorization to access. CVSS...
4CVSS
6.1AI Score
0.0004EPSS
Summary A stored cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2024-28794 DESCRIPTION: **IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...
5.4CVSS
5.7AI Score
0.0004EPSS
Summary A vulnerability in Psf Requests used by InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2024-35195 DESCRIPTION: **Psf Requests could allow a local authenticated attacker to bypass security restrictions, caused by an incorrect control flow implementation...
5.6CVSS
6.1AI Score
0.0004EPSS
BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker with a valid join link to a meeting can trick BigBlueButton into generating a signed join link with additional parameters. One of those parameters may be "role=moderator", allowing an.....
4.6CVSS
0.0004EPSS
BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0 directory with the goal of privilege...
3.7CVSS
4.1AI Score
0.0004EPSS