7.5AI Score
CVE-2024-27454 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...
7.5CVSS
7.7AI Score
0.0004EPSS
7.5AI Score
GHSA-PWR2-4V36-6QPR vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...
7.5AI Score
4.9CVSS
6AI Score
0.0004EPSS
4.9CVSS
6AI Score
0.0004EPSS
7.5AI Score
4.9CVSS
6AI Score
0.0004EPSS
7.5AI Score
7.5AI Score
Exploit for Path Traversal in Grafana
Grafana Decryptor for CVE-2021-43798 This script decrypts...
7.5CVSS
7.7AI Score
0.975EPSS
Exploit for Path Traversal in Grafana
Grafana Decryptor for CVE-2021-43798 This script decrypts...
7.5CVSS
7.7AI Score
0.975EPSS
8.1CVSS
8.1AI Score
0.0005EPSS
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic...
5.3CVSS
5.3AI Score
0.0004EPSS
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic...
5.3CVSS
0.0004EPSS
CVE-2024-36243 Arkcompiler Ets Runtime has an out-of-bounds read vulnerability
in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and...
8.2CVSS
EPSS
CVE-2023-41928 Remote server offers deprecated TLS protocol in Kiloview P1/P2 devices
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic...
5.3CVSS
0.0004EPSS
CVE-2023-41927 Weak TLS Cipher Suites Supported in Kiloview P1/P2 devices
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic...
5.3CVSS
0.0004EPSS
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of...
6.7CVSS
7.7AI Score
0.0004EPSS
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists...
7.5CVSS
7.1AI Score
0.029EPSS
CVE-2024-6387 This script, created by R4Tw1z, is designed to...
8.1CVSS
8.1AI Score
0.0005EPSS
8.1CVSS
8.3AI Score
0.0005EPSS
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...
8.8CVSS
8.9AI Score
0.001EPSS
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...
8.8CVSS
0.001EPSS
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana (OnPrem) build 275. Vulnerability Details ** CVEID: CVE-2023-43804 DESCRIPTION: **urllib3 could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with cookie request header not.....
8.8CVSS
9.9AI Score
0.732EPSS
Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware
A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware. The vulnerability, tracked as CVE-2024-20399 (CVSS score: 6.0), concerns a case of command injection that allows an authenticated,...
9.8CVSS
8AI Score
0.002EPSS
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.8.1 via the 'map_style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute...
8.8CVSS
0.001EPSS
Qualys Security Advisory regreSSHion: RCE in OpenSSH's server,...
9AI Score
OpenSSH CVE-2024-6387 Vulnerability Checker This Python script...
8.1CVSS
8.6AI Score
0.0005EPSS
9AI Score
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops Center Common Services allows File Manipulation.This issue affects Hitachi Ops Center Common Services: before...
5.1CVSS
5.4AI Score
0.0004EPSS
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops Center Common Services allows File Manipulation.This issue affects Hitachi Ops Center Common Services: before...
5.1CVSS
0.0004EPSS
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows, Hitachi JP1/Extensible SNMP Agent on Windows, Hitachi Job Management Partner1/Extensible SNMP Agent on Windows allows File Manipulation.This issue affects JP1/Extensible SNMP Agent for Windows: from 12-00....
7.8CVSS
7.7AI Score
0.0004EPSS
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows, Hitachi JP1/Extensible SNMP Agent on Windows, Hitachi Job Management Partner1/Extensible SNMP Agent on Windows allows File Manipulation.This issue affects JP1/Extensible SNMP Agent for Windows: from 12-00....
7.8CVSS
0.0004EPSS
CVE-2024-2819 File Permission Vulnerability in Hitachi Ops Center Common Services
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops Center Common Services allows File Manipulation.This issue affects Hitachi Ops Center Common Services: before...
5.1CVSS
0.0004EPSS
CVE-2024-4679 Folder Permission Vulnerability in JP1/Extensible SNMP Agent
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows, Hitachi JP1/Extensible SNMP Agent on Windows, Hitachi Job Management Partner1/Extensible SNMP Agent on Windows allows File Manipulation.This issue affects JP1/Extensible SNMP Agent for Windows: from 12-00....
7.8CVSS
0.0004EPSS
7.2AI Score
Summary Security vulnerabilities may affect IBM WebSphere Application Server Liberty shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issues. Vulnerability Details ** CVEID: CVE-2024-25026 DESCRIPTION: **IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere...
7.5CVSS
6.8AI Score
0.0004EPSS
Summary TSSC/IMC is vulnerable to low availability, low integrity and low confidentiality due to Java SE. A patch has been provided that updates the Java SE library. CVE-2023-22006, CVE-2023-22036, CVE-2023-22041, CVE-2023-22045, CVE-2023-22049, CVE-2023-25193. Vulnerability Details ** CVEID:...
7.5CVSS
7.2AI Score
0.002EPSS
Security Bulletin: TSSC/IMC is vulnerable to aritrary code execution due to Linux Kernel
Summary TSSC/IMC is vulnerable to arbitrary code execution due to Linux Kernel. A patch that updates the Kernel library has been provided. CVE-2023-2002, CVE-2023-3090, CVE-2023-3390, CVE-2023-3776, CVE-2023-4004, CVE-2023-20593, CVE-2023-35001, CVE-2023-35788. Vulnerability Details ** CVEID:...
7.8CVSS
9.2AI Score
0.001EPSS
Security Bulletin: TSSC/IMC is vulnerable to arbitrary code execution due to systemd
Summary TSSC/IMC is vulnerable to arbitrary code execution due to systemd. A patch has been provided that updates the systemd library. CVE-2023-26604. Vulnerability Details ** CVEID: CVE-2023-26604 DESCRIPTION: **systemd could allow a local authenticated attacker to gain elevated privileges on...
7.8CVSS
7.4AI Score
0.0005EPSS
Security Bulletin: TSSC/IMC is vulnerable to arbitrary code execution due to Linux Kernel
Summary TSSC/IMC is vulnerable to aritrary code excecution due to kernel. A patch has been provided that updates the kernel library. CVE-2022-42896, CVE-2023-1281, CVE-2023-1829, CVE-2023-2124, CVE-2023-2194, CVE-2023-2235. Vulnerability Details ** CVEID: CVE-2022-42896 DESCRIPTION: **Linux...
8.8CVSS
8.5AI Score
0.001EPSS
K000140225: Codemirror vulnerability CVE-2020-7760
Security Advisory Description This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in...
7.5CVSS
6.5AI Score
0.015EPSS
Tuesday, July 2, 2024 Security Releases
Summary The Node.js project will release new versions of the 22.x, 20.x, 18.x releases lines on or shortly after, Tuesday, July 2, 2024 in order to address: 1 high severity issues. 1 medium severity issues. 3 low severity issues. Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x...
7AI Score
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A vulnerability in versions prior to 6.5.7 and 7.1.0 allows SQL injection when Parse Server is configured to use the PostgreSQL database. The algorithm to detect SQL injection has been improved.....
9.8CVSS
0.0004EPSS
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A vulnerability in versions prior to 6.5.7 and 7.1.0 allows SQL injection when Parse Server is configured to use the PostgreSQL database. The algorithm to detect SQL injection has been improved.....
9.8CVSS
9.7AI Score
0.0004EPSS
Docker CLI leaks private registry credentials to registry-1.docker.io in github.com/docker/cli
Docker CLI leaks private registry credentials to registry-1.docker.io in...
7.5CVSS
7.1AI Score
0.001EPSS
Azure Identity Libraries Elevation of Privilege Vulnerability in...
5.5CVSS
6.7AI Score
0.0004EPSS
null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this...
6.8AI Score
0.0004EPSS
Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to...
7AI Score
0.0004EPSS