RHEL 5 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...
9.8CVSS
10AI Score
0.969EPSS
EulerOS 2.0 SP11 : unbound (EulerOS-SA-2024-1794)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the...
8CVSS
7.9AI Score
0.05EPSS
RHEL 7 : libndp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libndp: buffer overflow flaw in DNS Search List (DNSSL) handling (CVE-2014-3554) Note that Nessus has not tested for...
7AI Score
0.014EPSS
RHEL 6 : c-ares (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. c-ares: Single byte out of buffer write (CVE-2016-5180) The c-ares function ares_parse_naptr_reply(),...
9.8CVSS
7.7AI Score
0.045EPSS
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1807)
The remote host is missing an update for the Huawei...
8CVSS
7AI Score
0.05EPSS
RHEL 8 : avahi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. avahi: Multicast DNS responds to unicast queries outside of local network (CVE-2017-6519) Note that Nessus has not...
9.1CVSS
6.8AI Score
0.056EPSS
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1783)
The remote host is missing an update for the Huawei...
7.5CVSS
7.1AI Score
0.05EPSS
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1795)
The remote host is missing an update for the Huawei...
7.5CVSS
7.1AI Score
0.05EPSS
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1790)
The remote host is missing an update for the Huawei...
7.3CVSS
6.4AI Score
0.001EPSS
EulerOS 2.0 SP11 : libuv (EulerOS-SA-2024-1802)
According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...
7.3CVSS
7.3AI Score
0.001EPSS
Job For .local Domain Fails When Using Ubuntu-base VMware Backup Proxy
This issue occurs because .local is only intended for multicast DNS, and Ubuntu's default configuration prevents the use of .local for unicast DNS. As a result, the Ubuntu-based machine does not contact the network's DNS server when attempting to resolve .local...
7.1AI Score
RHEL 6 : nfs-utils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nfs-utils: rpc.gssd is vulnerable to DNS spoofing (CVE-2013-1923) Note that Nessus has not tested for this issue but...
6.5AI Score
0.006EPSS
RHEL 5 : cups (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. cups: code execution via unescape ANSI escape sequences (CVE-2014-8166) cups: incorrect string reference...
8.8CVSS
8.2AI Score
0.93EPSS
RHEL 5 : openldap (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openldap-servers: /usr/libexec/openldap/generate-server-cert.sh create world readable password file ...
7.5CVSS
6.3AI Score
0.281EPSS
RHEL 6 : django (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-django: DNS rebinding vulnerability when 'DEBUG=True' (CVE-2016-9014) Django before 1.4.21, 1.5.x...
8.1CVSS
7.7AI Score
0.017EPSS
RHEL 6 : nagios (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nagios: Configured administrative account with fixed password and no IP restriction as default ...
9.8CVSS
7.6AI Score
0.005EPSS
RHEL 7 : iproute (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. iproute: use-after-free in get_netnsid_from_name in ip/ipnetns.c (CVE-2019-20795) Note that Nessus has not tested...
4.4CVSS
7.4AI Score
0.0004EPSS
RHEL 6 : avahi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. avahi: Multicast DNS responds to unicast queries outside of local network (CVE-2017-6519) Note that Nessus has not...
9.1CVSS
9.1AI Score
0.056EPSS
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1794)
The remote host is missing an update for the Huawei...
8CVSS
7AI Score
0.05EPSS
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1784)
The remote host is missing an update for the Huawei...
7.5CVSS
7AI Score
0.05EPSS
EulerOS 2.0 SP11 : dnsmasq (EulerOS-SA-2024-1796)
According to the versions of the dnsmasq package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of...
7.5CVSS
8.1AI Score
0.05EPSS
Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1802)
The remote host is missing an update for the Huawei...
7.3CVSS
6.4AI Score
0.001EPSS
EulerOS 2.0 SP11 : libuv (EulerOS-SA-2024-1790)
According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...
7.3CVSS
7.3AI Score
0.001EPSS
RHEL 8 : iscsi-initiator-utils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. iscsi-initiator-utils: Heap-based buffer overflow in process_iscsid_broadcast() (CVE-2017-17840) An...
7.5CVSS
8.3AI Score
0.002EPSS
RHEL 7 : iscsi-initiator-utils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. iscsi-initiator-utils: Heap-based buffer overflow in process_iscsid_broadcast() (CVE-2017-17840) An...
7.5CVSS
7.8AI Score
0.002EPSS
ip SSRF improper categorization in isPublic
The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for...
9.8CVSS
6.2AI Score
EPSS
ip SSRF improper categorization in isPublic
The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for...
9.8CVSS
6.2AI Score
EPSS
CVE-2024-24919-Sniper ![CVE-2024-24919 Sniper...
8.6CVSS
6.2AI Score
0.945EPSS
Apache HugeGraph-Server - Remote Command Execution
Apache HugeGraph-Server is an open-source graph database that provides a scalable and high-performance solution for managing and analyzing large-scale graph data. It is commonly used in Java8 and Java11 environments. However, versions prior to 1.3.0 are vulnerable to a remote command execution...
6.5AI Score
0.001EPSS
CVE_2024_24919 Vulnerability Scanner This Java tool scans a...
8.6CVSS
6.1AI Score
0.945EPSS
CVE_2024_24919 Vulnerability Scanner This Java tool scans a...
8.6CVSS
6.1AI Score
0.945EPSS
[SECURITY] Fedora 39 Update: rust-local_ipaddress-0.1.3-8.fc39
Get your local IP address without...
7.1AI Score
10CVSS
6.7AI Score
0.001EPSS
7.5CVSS
6.7AI Score
0.013EPSS
Aquatronica Control System 5.1.6 Password Disclosure Exploit
Aquatronica Control System version 5.1.6 has a tcp.php endpoint on the controller that is exposed to unauthenticated attackers over the network. This vulnerability allows remote attackers to send a POST request which can reveal sensitive configuration information, including plaintext passwords....
7.5AI Score
ip172.ip-51-255-15.eu Cross Site Scripting vulnerability OBB-3932087
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-24919 Esse projeto tem como objetivo criar uma...
8.6CVSS
6.3AI Score
0.945EPSS
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-3254)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3254 advisory. aardvark-dns buildah [2:1.33.7-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 ...
8.6CVSS
6.9AI Score
0.002EPSS
7.5CVSS
7.1AI Score
EPSS
Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2024-3267)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3267 advisory. bind-dyndb-ldap custodia ipa [4.9.13-9.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [9.4.13-9] - dcerpc:...
6.8CVSS
6.8AI Score
0.0004EPSS
6.7AI Score
0.001EPSS
CVE-2024-24919 Exploit Overview This repository contains...
8.6CVSS
8.6AI Score
0.945EPSS
7.5AI Score
CVE-2024-24919 Exploit tool to validate CVE-2024-24919...
8.6CVSS
5.9AI Score
0.945EPSS
7.4AI Score
How to tell if a VPN app added your Windows device to a botnet
On May 29, 2024, the US Department of Justice (DOJ) announced it had dismantled what was likely the world’s largest botnet ever. This botnet, called “911 S5,” infected systems at over 19 million IP addresses across more than 190 countries. The main sources of income for the operators, who stole a.....
7.2AI Score
Server Side Request Forgery (SSRF)
ip is vulnerable to Server Side Request Forgery (SSRF). The vulnerability is due to some IP addresses being improperly categorized via the isPublic, isPrivate, and isLoopback methods, which allows an attacker to perform Server-Side Request Forgery (SSRF) if an application utilizes the library to...
6.8AI Score
EPSS
Ars0N-Framework - A Modern Framework For Bug Bounty Hunting
Howdy! My name is Harrison Richardson, or rs0n (arson) when I want to feel cooler than I really am. The code in this repository started as a small collection of scripts to help automate many of the common Bug Bounty hunting processes I found myself repeating. Over time, I built a simple web...
7AI Score
Check point:CVE-2024-24919 ...
8.6CVSS
6.5AI Score
0.945EPSS
New banking trojan “CarnavalHeist” targets Brazil with overlay attacks
Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called "CarnavalHeist." Many of the observed tactics, techniques and procedures (TTPs) are common among other banking trojans coming out of Brazil. This family has also been...
8AI Score