A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The exploit has been...
7.5 CVSS
7.9 AI Score
0.001 EPSS
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed...
7.5 CVSS
7.5 AI Score
0.001 EPSS
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed...
7.5 CVSS
7.1 AI Score
0.001 EPSS
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed...
7.5 CVSS
8 AI Score
0.001 EPSS
A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the.....
7.5 CVSS
8 AI Score
0.001 EPSS
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the...
7.5 CVSS
8 AI Score
0.001 EPSS
CVE-2023-0649 dst-admin sendBroadcast command injection
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the...
6.3 CVSS
8.2 AI Score
0.001 EPSS
CVE-2023-0648 dst-admin masterConsole command injection
A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the.....
6.3 CVSS
8.2 AI Score
0.001 EPSS
CVE-2023-0647 dst-admin kickPlayer command injection
A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The exploit has been...
6.3 CVSS
8.1 AI Score
0.001 EPSS
CVE-2023-0646 dst-admin cavesConsole command injection
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed...
6.3 CVSS
8.2 AI Score
0.001 EPSS
Fedora: Security Advisory for bind (FEDORA-2023-95d98f89a8)
The remote host is missing an update for...
7.5 CVSS
8 AI Score
0.001 EPSS
[SECURITY] Fedora 37 Update: bind-9.18.11-1.fc37
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
7.5 CVSS
7.7 AI Score
0.001 EPSS
CentOS Errata and Security Advisory CESA-2023:0402
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying...
6.8 CVSS
7.7 AI Score
0.002 EPSS
Incorrect Calculation of Buffer Size in function yank_copy_line
Description Incorrect Calculation of Buffer Size in function yank_copy_line at register.c:1468 vim version git log commit 657aea7fc47fb919ce76fad64ba0ec55a1af80f1 (HEAD -> master, tag: v9.0.1249, origin/master, origin/HEAD) POC ``` ./vim -u NONE -i NONE -n -m -X -Z -e -s -S...
6.6 CVSS
6.9 AI Score
0.001 EPSS
[SECURITY] Fedora 37 Update: rust-exa-0.10.1-9.fc37
exa is a modern replacement for the command-line program ls that ships with Unix and Linux operating systems, with more features and better defaults. It uses colours to distinguish file types and metadata. It knows about symlinks, extended attributes, and Git. And it's...
7.8 CVSS
7.4 AI Score
0.0005 EPSS
ISC Releases Security Advisories for Multiple Versions of BIND 9
The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system...
7.5 CVSS
2.5 AI Score
0.001 EPSS
Administrator of RSOCKS Proxy Botnet Pleads Guilty
Denis Emelyantsev, a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. The plea comes just months after Emelyantsev was...
0.9 AI Score
Kscan - Simple Asset Mapping Tool
0 Disclaimer (The author did not participate in the XX action, don't trace it) This tool is only for legally authorized enterprise security construction behaviors and personal learning behaviors. If you need to test the usability of this tool, please build a target drone environment by...
-0.1 AI Score
(RHSA-2023:0191) Moderate: java-17-openjdk security and bug fix update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) OpenJDK: soundbank URL remote loading (Sound, 8293742)...
0.7 AI Score
0.001 EPSS
Siemens SIPROTEC 5 Devices Uncontrolled Resource Consumption (CVE-2022-45044)
A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP200) (All versions), SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions), SIPROTEC 5 6MD86 devices (CPU variant CP200) (All versions), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions), SIPROTEC 5...
5.7 AI Score
0.001 EPSS
bd-journal.com Cross Site Scripting vulnerability OBB-3128366
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1 AI Score
[SECURITY] Fedora 37 Update: protobuf-3.19.6-1.fc37
Protocol Buffers are a way of encoding structured data in an efficient yet extensible format. Google uses Protocol Buffers for almost all of its internal RPC protocols and file formats. Protocol buffers are a flexible, efficient, automated mechanism for serializing structured data...
7.5 CVSS
6.8 AI Score
0.002 EPSS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
5.3 CVSS
6.1 AI Score
0.001 EPSS
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP30...
5.3 CVSS
5.8 AI Score
0.001 EPSS
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP30...
5.3 CVSS
0.001 EPSS
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP30...
5.3 CVSS
5.1 AI Score
0.001 EPSS
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP30...
5.3 CVSS
5.5 AI Score
0.001 EPSS
[SECURITY] Fedora 37 Update: xfce4-places-plugin-1.8.3-1.fc37
A menu with quick access to folders, documents, and removable media. The Places plugin brings much of the functionality of GNOME's Places menu to Xfce. It puts a simple button on the panel. Clicking on this button opens up a menu with 4 sections: 1) System-defined...
9.8 CVSS
9.5 AI Score
0.018 EPSS
[SECURITY] Fedora 37 Update: sfnt2woff-zopfli-1.3.1-3.fc37
This is a modified version of the sfnt2woff utility that uses Zopfli as a compression algorithm instead of zlib. This results in compression gains of, on average, 5-8% compared to regular WOFF files. Zopfli generates compressed output that is.....
7.2 AI Score
[SECURITY] Fedora 36 Update: sfnt2woff-zopfli-1.3.1-3.fc36
This is a modified version of the sfnt2woff utility that uses Zopfli as a compression algorithm instead of zlib. This results in compression gains of, on average, 5-8% compared to regular WOFF files. Zopfli generates compressed output that is.....
7.2 AI Score
[SECURITY] Fedora 35 Update: sfnt2woff-zopfli-1.3.1-3.fc35
This is a modified version of the sfnt2woff utility that uses Zopfli as a compression algorithm instead of zlib. This results in compression gains of, on average, 5-8% compared to regular WOFF files. Zopfli generates compressed output that is.....
7.2 AI Score
A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16. Affected is an unknown function of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. It is possible to launch the attack remotely.....
9.8 CVSS
9.8 AI Score
0.003 EPSS
A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16. Affected is an unknown function of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. It is possible to launch the attack remotely.....
9.8 CVSS
0.003 EPSS
A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16. Affected is an unknown function of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. It is possible to launch the attack remotely.....
9.8 CVSS
9.8 AI Score
0.003 EPSS
CVE-2022-4364 Teledyne FLIR AX8 Web Service palette.php command injection
A vulnerability classified as critical has been found in Teledyne FLIR AX8 up to 1.46.16. Affected is an unknown function of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. It is possible to launch the attack remotely.....
7.3 CVSS
10 AI Score
0.003 EPSS
The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected...
5.3 CVSS
4.9 AI Score
0.001 EPSS