Big-ip (ltm, Aam,afm, Analytics, Apm Asm, Edge Gateway, Fps, Psm, Websafe) Security Vulnerabilities
7.6CVSS
6.7AI Score
0.0004EPSS
10CVSS
6.7AI Score
0.001EPSS
7.5CVSS
6.7AI Score
0.013EPSS
Aquatronica Control System 5.1.6 Password Disclosure Exploit
Aquatronica Control System version 5.1.6 has a tcp.php endpoint on the controller that is exposed to unauthenticated attackers over the network. This vulnerability allows remote attackers to send a POST request which can reveal sensitive configuration information, including plaintext passwords....
7.5AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.2AI Score
EPSS
CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN...
8.6CVSS
6.3AI Score
0.945EPSS
CVE-2024-24919 Bulk Scanner CVE-2024-24919 [Check Point...
8.6CVSS
6AI Score
0.945EPSS
Mass Auto Scanner for CVE-2024-24919 This script is designed to...
8.6CVSS
6.4AI Score
0.945EPSS
ip172.ip-51-255-15.eu Cross Site Scripting vulnerability OBB-3932087
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-24919 Exploit CVE Identifier: CVE-2024-24919...
8.6CVSS
6.2AI Score
0.945EPSS
CVE-2024-24919 Esse projeto tem como objetivo criar uma...
8.6CVSS
6.3AI Score
0.945EPSS
...
8.6CVSS
6.3AI Score
0.945EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : Java (SUSE-SU-2024:1874-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1874-1 advisory. This update for Java fixes thefollowing issues: apiguardian was updated to vesion 1.1.2: - Added...
7.5CVSS
8.2AI Score
0.005EPSS
7.5CVSS
7.1AI Score
EPSS
Exploit for CVE-2024-24919 Description This Python...
8.6CVSS
6.1AI Score
0.945EPSS
Moodle CSRF risk in analytics management of models
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF...
6.4AI Score
0.0004EPSS
Moodle CSRF risk in analytics management of models
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF...
6.4AI Score
0.0004EPSS
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF...
6.7AI Score
0.0004EPSS
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF...
6.4AI Score
0.0004EPSS
CVE-2024-34008 moodle: CSRF risk in analytics management of models
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF...
6.3AI Score
0.0004EPSS
6.7AI Score
0.001EPSS
Check Point Security Gateway Arbitrary File Read
This module leverages an unauthenticated arbitrary root file read vulnerability for Check Point Security Gateway appliances. When the IPSec VPN or Mobile Access blades are enabled on affected devices, traversal payloads can be used to read any files on the local file system. Password hashes read...
8.6CVSS
7.4AI Score
0.945EPSS
CVE-2024-24919 Exploit Overview This repository contains...
8.6CVSS
8.6AI Score
0.945EPSS
7.5AI Score
CVE-2024-24919 Exploit tool to validate CVE-2024-24919...
8.6CVSS
5.9AI Score
0.945EPSS
7.4AI Score
7.5AI Score
How to tell if a VPN app added your Windows device to a botnet
On May 29, 2024, the US Department of Justice (DOJ) announced it had dismantled what was likely the world’s largest botnet ever. This botnet, called “911 S5,” infected systems at over 19 million IP addresses across more than 190 countries. The main sources of income for the operators, who stole a.....
7.2AI Score
Server Side Request Forgery (SSRF)
ip is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is due to some IP addresses being improperly categorized via the isPublic, isPrivate, and isLoopback methods, which allows an attacker to perform Server-Side Request Forgery (SSRF) if an application utilizes the library to...
6.8AI Score
EPSS
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: .....
6.4CVSS
6.1AI Score
0.0004EPSS
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
6.2AI Score
0.0004EPSS
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
5.5AI Score
0.0004EPSS
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
5.5AI Score
0.0004EPSS
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: .....
6.4CVSS
6AI Score
0.0004EPSS
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
6.2AI Score
0.0004EPSS
**Check Point Security Gateway RCE Exploit Tool...
8.6CVSS
7.2AI Score
0.945EPSS
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
5.5AI Score
0.0004EPSS
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
6.2AI Score
0.0004EPSS
CVE-2024-31908 IBM Planning Analytics Local cross-site scripting
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: .....
6.4CVSS
6AI Score
0.0004EPSS
Edge Computing Versus Cloud Computing: Key Similarities and Differences
Explore the use cases, similarities, and differences of edge computing and cloud...
7.3AI Score
CVE-2024-31889 IBM Planning Analytics Local cross-site scripting
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
5.4CVSS
5.5AI Score
0.0004EPSS
Ars0N-Framework - A Modern Framework For Bug Bounty Hunting
Howdy! My name is Harrison Richardson, or rs0n (arson) when I want to feel cooler than I really am. The code in this repository started as a small collection of scripts to help automate many of the common Bug Bounty hunting processes I found myself repeating. Over time, I built a simple web...
7AI Score
CVE-2024-24919-Check-Point-Remote-Access-VPN...
8.6CVSS
6.5AI Score
0.945EPSS
Check point:CVE-2024-24919 ...
8.6CVSS
6.5AI Score
0.945EPSS
New banking trojan “CarnavalHeist” targets Brazil with overlay attacks
Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called "CarnavalHeist." Many of the observed tactics, techniques and procedures (TTPs) are common among other banking trojans coming out of Brazil. This family has also been...
8AI Score
CVE-2024-24919-POC Read about it -...
8.6CVSS
6.5AI Score
0.945EPSS
CVE-2024-24919 Exploit script for...
8.6CVSS
6.3AI Score
0.945EPSS
CVE-2024-24919 An Vulnerability detection and Exploitation...
8.6CVSS
6.1AI Score
0.945EPSS
$$\ce{$\unicode[goombafont; color:red; pointer-events:...
8.6CVSS
8.7AI Score
0.945EPSS
CVE-2024-24919 Checker A simple bash script to check for the...
8.6CVSS
6.2AI Score
0.945EPSS