Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through...
3.7CVSS
4.3AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through...
5.3CVSS
7AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
Cloud computing and analytics company Snowflake said a "limited number" of its customers have been singled out as part of a targeted campaign. "We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake's platform," the company.....
7.2AI Score
Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through...
5.3CVSS
7AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through...
3.7CVSS
4.3AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through...
3.7CVSS
7.2AI Score
0.0004EPSS
CVE-2023-47769 WordPress WP Maintenance plugin <= 6.1.3 - IP Filtering Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through...
3.7CVSS
4.3AI Score
0.0004EPSS
CVE-2023-47769 WordPress WP Maintenance plugin <= 6.1.3 - IP Filtering Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Maintenance: from n/a through...
3.7CVSS
7AI Score
0.0004EPSS
Exploit for Injection in Vm2 Project Vm2
CVE-2023-30547 vm2 is a sandbox that can run untrusted code...
10CVSS
6.8AI Score
0.002EPSS
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source IP address of traffic to a cluster, identifying external traffic as coming from the host on which.....
7.3CVSS
6.2AI Score
0.001EPSS
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of...
5.3CVSS
6AI Score
0.0005EPSS
A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong...
7.8CVSS
6.8AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through...
5.3CVSS
7.2AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
CVE-2023-41134 WordPress Antispam Bee plugin <= 2.11.3 - Country IP Restriction Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
CVE-2023-41134 WordPress Antispam Bee plugin <= 2.11.3 - Country IP Restriction Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through...
5.3CVSS
7AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through...
5.3CVSS
7.2AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through...
5.3CVSS
7AI Score
0.0004EPSS
The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possible for...
5.3CVSS
5.2AI Score
0.0005EPSS
The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possible for...
5.3CVSS
7.2AI Score
0.0005EPSS
The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possible for...
5.3CVSS
5.2AI Score
0.0005EPSS
The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possible for...
5.3CVSS
6.9AI Score
0.0005EPSS
Takes in a ip list and you...
8.6CVSS
6.2AI Score
0.945EPSS
CVE-2024-24919 Name: CVE-2024-24919 Scanner Author:...
8.6CVSS
9.1AI Score
0.945EPSS
K000139897: Linux kernel vulnerability CVE-2023-42753
Security Advisory Description An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h->nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer...
7.8CVSS
6.4AI Score
0.0004EPSS
Chromium: CVE-2024-5499 Out of bounds write in Streams API
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
6.1AI Score
0.0004EPSS
Chromium: CVE-2024-5498 Use after free in Presentation API
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
6.1AI Score
0.0004EPSS
Chromium: CVE-2024-5497 Out of bounds memory access in Keyboard Inputs
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
6.1AI Score
0.0004EPSS
Chromium: CVE-2024-5496 Use after free in Media Session
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
6.1AI Score
0.0004EPSS
Chromium: CVE-2024-5495 Use after free in Dawn
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
6.1AI Score
0.0004EPSS
Chromium: CVE-2024-5494 Use after free in Dawn
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
6.1AI Score
0.0004EPSS
Chromium: CVE-2024-5493 Heap buffer overflow in WebRTC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
6.1AI Score
0.0004EPSS
CVE-2024-24919 Nmap script to check vulnerability...
8.6CVSS
6.2AI Score
0.945EPSS
PCI DSS 4.0: Get Audit-Ready for the New Requirements
The Payment Card Industry Data Security Standard (PCI DSS) originated in 2004 and is managed by the PCI Security Standards Council to ensure security for the global payment industry. This mandate applies to all entities worldwide that store, process, or transmit payment cardholder data or...
7.6AI Score
Summary Vulnerabilities contained within OpenSSL (a 3rd party component) were addressed in the IBM MaaS360 VPN Module. Vulnerabilities contained within Netty, Spring Framework and Eclipse Jetty (3rd party components) were addressed in the IBM MaaS360 Mobile Enterprise Gateway (MEG) Module. ...
8.1CVSS
7.3AI Score
0.002EPSS
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to...
6.5AI Score
0.0004EPSS
A flaw was found in node-ip. The fix for CVE-2023-42282 in the ip package for Node.js was incomplete, and the issue may still be triggered using some IP addresses. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product...
9.8CVSS
5.8AI Score
EPSS
CVE-2024-24919-PoC ![Screenshot of the exploit...
8.6CVSS
8.8AI Score
0.945EPSS
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...
6.5AI Score
0.0004EPSS
CVE-2024-24919-Exploit Overview This repository contains...
8.6CVSS
6.1AI Score
0.945EPSS
Summary IBM Maximo Application Suite - Edge Data Collector uses Gunicorn-20.1.0-py3-none-any.whl which is vulnerable to CVE-2024-1135 Vulnerability Details ** CVEID: CVE-2024-1135 DESCRIPTION: **Gunicorn is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP...
7.5CVSS
5.3AI Score
0.0004EPSS
Summary IBM Maximo Application Suite - Edge Data Collector uses mio-0.8.10.crate and mio-0.8.8.crate which is vulnerable to CVE-2024-27308 Vulnerability Details ** CVEID: CVE-2024-27308 DESCRIPTION: **Tokio Mio s vulnerable to a denial of service, caused by a use-after-free flaw due to tokens for.....
7.5CVSS
6.9AI Score
0.0004EPSS
Summary IBM Maximo Application Suite - Edge Data Collector uses openssl-src-300.2.1+3.2.0.crate which is vulnerable to CVE-2024-0727, CVE-2023-6129, and CVE-2023-6237 Vulnerability Details ** CVEID: CVE-2024-0727 DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by improper...
6.5CVSS
6.7AI Score
0.002EPSS
HawtIO 4.0.0 for Red Hat build of Apache Camel 4 GA Release is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. spring-security: Broken Access Control in...
7.5AI Score
0.001EPSS
Active Exploits target Check Point Security Gateway Zero-Day Information Disclosure flaw Check Point Cybersecurity has issued hotfixes to address a zero-day vulnerability in its VPNs that has been exploited to gain remote access to firewalls and potentially infiltrate corporate networks. On...
8.6CVSS
6.3AI Score
0.945EPSS
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Targeted attacks Operation Triangulation: the final mystery Last June, we published a series of reports on Operation Triangulation, a previously unknown iOS malware...
7.8CVSS
6AI Score
0.003EPSS