Fedora: Security Advisory for polymake (FEDORA-2023-9ef8a60a05)
The remote host is missing an update for...
7.8CVSS
8AI Score
0.0004EPSS
[SECURITY] Fedora 38 Update: polymake-4.10-2.fc38
Polymake is a tool to study the combinatorics and the geometry of convex polytopes and polyhedra. It is also capable of dealing with simplicial complexes, matroids, polyhedral fans, graphs, tropical objects, and so forth. Polymake can use various computational packages if they are installed....
7.8CVSS
6.5AI Score
0.0004EPSS
[SECURITY] Fedora 39 Update: polymake-4.11-2.fc39
Polymake is a tool to study the combinatorics and the geometry of convex polytopes and polyhedra. It is also capable of dealing with simplicial complexes, matroids, polyhedral fans, graphs, tropical objects, and so forth. Polymake can use various computational packages if they are installed....
7.8CVSS
7.3AI Score
0.0004EPSS
Fedora: Security Advisory for polymake (FEDORA-2023-c67f4dbf13)
The remote host is missing an update for...
7.8CVSS
8AI Score
0.0004EPSS
Apache UIMA Java SDK Deserialization of Untrusted Data, Improper Input Validation vulnerability
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK. This issue affects Apache UIMA Java SDK before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue. There are several locations in the code where serialized Java objects.....
8.8CVSS
7.3AI Score
0.001EPSS
Apache UIMA Java SDK Deserialization of Untrusted Data, Improper Input Validation vulnerability
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK. This issue affects Apache UIMA Java SDK before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue. There are several locations in the code where serialized Java objects.....
8.8CVSS
7.3AI Score
0.001EPSS
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue....
8.8CVSS
8.6AI Score
0.001EPSS
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue....
8.8CVSS
8.7AI Score
0.001EPSS
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue....
8.8CVSS
0.001EPSS
Deserialization of untrusted data
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue....
8.8CVSS
7.1AI Score
0.001EPSS
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue....
8.9AI Score
0.001EPSS
From the Big Bang to Leonardo da Vinci, these socks have protected the cloud throughout...
7AI Score
vinci-immobilier-vaucluse.com Cross Site Scripting vulnerability OBB-3087382
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.2AI Score
vinci-archipel.com Improper Access Control vulnerability OBB-2274915
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.6AI Score
macOS 11’s hidden security improvements
A deep dive into macOS 11's internals reveals some security surprises that deserve to be more widely known. Contents Introduction Disclaimers macOS 11's better known security improvements Secret messages revealed? CPU security mitigation APIs The NO_SMT mitigation The TECS mitigation Who...
-0.3AI Score
An overview of targeted attacks and APTs on Linux
Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the platform for which we discover most APT attack tools. At the same time, there's a widely held opinion that Linux is a secure-by-default operating system that isn't...
AI Score
0.974EPSS
uimaj is vulnerable to XML External Entity (XXE) attacks. The library does not disable document type declaration by default, allowing a malicious user to pass an XML file that can lead to arbitrary code execution or information...
6.5CVSS
7.1AI Score
0.001EPSS
jeporte1casque.com XSS vulnerability
Vulnerable URL: http://www.jeporte1casque.com/pub/Vinci-Toulouse-160x600-ClickTag.swf?clickTAG=javascript:alert(%27OPENBUGBOUNTY%27) Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 11198398 VIP website status:|...
6.3AI Score
QQ browser Wormable Browser vulnerability
Source link: http://blog.pangu.io/wormable-browser/ Vulnerability description Android QQ browser, QQ hot spots and other applications on the local wifi started, it will monitor local 8786 port, and listens to all local ip addresses. When the attacking party and the attacked party is on the same...
7.1AI Score
Troldesh ransomware influenced by (the) Da Vinci code
We at the MMPC are constantly tracking new and emerging ransomware threats so we can be one step ahead of active campaigns and help protect our users. As part of these efforts, we recently came across a new variant of the Win32/Troldesh ransomware family. Ransomware, like most malware, is...
6.8AI Score
Da Vinci Riddles: Mystery - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Da Vinci Riddles: Mystery published at the 'play' market has multiple...
1.2AI Score
The Gratta & Vinci? (aka com.dreamstep.wGrattaevinci) application 0.21.13167.93474 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
6AI Score
0.001EPSS
The Gratta & Vinci? (aka com.dreamstep.wGrattaevinci) application 0.21.13167.93474 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
5.9AI Score
0.001EPSS
The Gratta & Vinci? (aka com.dreamstep.wGrattaevinci) application 0.21.13167.93474 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
6.4AI Score
0.001EPSS
The Gratta & Vinci? (aka com.dreamstep.wGrattaevinci) application 0.21.13167.93474 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
5.9AI Score
0.001EPSS
Researchers Uncover Spying Tool Used by Governments to Hijack all Types of Smartphones
Purchasing malware to victimize people is illegal by laws but if the same thing any government official do, then its not!! Yes, the police forces around the World are following the footsteps of U.S. National Security Agency (NSA) and FBI. Researchers from the Citizen Lab at the Munk School of...
6.7AI Score
Remote Root Hole in FreeBSD Ports
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+++++++++++++++++ ALERT! ALERT! MULTIPLATFORM REMOTE ROOT! ALERT! ALERT! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ include...
-0.8AI Score
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+++++++++++++++++ ALERT! ALERT! FREEBSD LOCAL ROOT VULNERABILITY! ALERT! ALERT! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ...
-0.4AI Score