Unbreakable Enterprise kernel security update
[4.1.12-124.84.2] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [Orabug: 36251327] {CVE-2024-1086} [4.1.12-124.84.1] - mm: avoid conflict between MADV_DOEXEC and upstream advice values (Anthony Yznaga) [Orabug: 36334311] - kobject: Fix slab-out-of-bounds in...
7.8CVSS
7.2AI Score
0.002EPSS
7.4AI Score
Teleport: SSRF in region parameter that leads to AWS Teleport role AWS account takeover
You have an Integration page in Teleport where one of the options is AWS OIDC which will allow people in Teleport to add resources fluently without actually having initial access to these resources or installing any agents on them. You will need to have connected and ready OIDC integration with...
7.3AI Score
[SECURITY] Fedora 38 Update: suricata-6.0.17-1.fc38
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
7.2AI Score
[SECURITY] Fedora 39 Update: suricata-6.0.17-1.fc39
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
7.2AI Score
[SECURITY] Fedora 40 Update: suricata-7.0.4-1.fc40
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
7.2AI Score
R2Frida - Radare2 And Frida Better Together
This is a self-contained plugin for radare2 that allows to instrument remote processes using frida. The radare project brings a complete toolchain for reverse engineering, providing well maintained functionalities and extend its features with other programming languages and tools. Frida is a...
7.4AI Score
SUSE SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP4) (SUSE-SU-2024:1063-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1063-1 advisory. An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect...
7CVSS
6.9AI Score
0.001EPSS
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 XZ-Utils Vulnerability Checker and Fixer...
10CVSS
9.6AI Score
0.133EPSS
Un-sanitized metric name or labels can be used to take over exported metrics
Impact In code which applies un-sanitized string values into metric names or labels, like this: swift let lang = try? request.query-get(String.self, at: "lang") Counter ( label: "language", dimensions: [("lang", lang ?? "unknown" )] ) an attacker could make use of this and send a ?lang query...
5.9CVSS
6.9AI Score
0.0004EPSS
Un-sanitized metric name or labels can be used to take over exported metrics
Impact In code which applies un-sanitized string values into metric names or labels, like this: swift let lang = try? request.query-get(String.self, at: "lang") Counter ( label: "language", dimensions: [("lang", lang ?? "unknown" )] ) an attacker could make use of this and send a ?lang query...
5.9CVSS
6.9AI Score
0.0004EPSS
[slackware-security] coreutils
New coreutils packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/coreutils-9.5-i586-1_slack15.0.txz: Upgraded. chmod -R now avoids a race where an attacker may replace a traversed file with a...
5.5CVSS
7AI Score
0.0004EPSS
5.5CVSS
5.7AI Score
0.0004EPSS
7.8CVSS
7.1AI Score
0.0004EPSS
SUSE SLES15 Security Update : kernel (Live Patch 5 for SLE 15 SP5) (SUSE-SU-2024:1045-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1045-1 advisory. An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation...
8.2CVSS
8AI Score
0.001EPSS
SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2024:1039-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1039-1 advisory. There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the...
8.2CVSS
7.8AI Score
0.001EPSS
PanelSwWix4.Sdk is vulnerable to Untrusted Search Path. The vulnerability is due to Burn's practice of copying binaries to the unprotected C:\Windows\Temp directory and running them from that unprotected location. This directory is not adequately protected against low privilege user modifications,....
7AI Score
SUSE SLES15 Security Update : kernel (Live Patch 2 for SLE 15 SP5) (SUSE-SU-2024:1023-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1023-1 advisory. An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation...
8.2CVSS
7.4AI Score
0.001EPSS
7.8CVSS
7.2AI Score
0.0004EPSS
SUSE SLES15 Security Update : kernel RT (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2024:0995-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0995-1 advisory. An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation...
8.2CVSS
7.4AI Score
0.001EPSS
7.8CVSS
7.4AI Score
0.0004EPSS
SUSE SLES15 Security Update : kernel RT (Live Patch 5 for SLE 15 SP5) (SUSE-SU-2024:0986-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0986-1 advisory. An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation...
8.2CVSS
7.6AI Score
0.001EPSS
libreoffice security fix update
[6.4.7.2-16.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. [1:6.4.7.2-16] - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target...
8.8CVSS
6.6AI Score
0.001EPSS
Summary APM WebSphere Application Server Agent, APM Tomcat Agent, APM SAP NetWeaver Java Stack Agent, APM WebLogic Agent and APM Data Collector for J2SE are vulnerable to okio-1.13.0.jar CVE-2023-3635. The workaround includes okio-1.13.0.jar upgraded to okio-3.5.0.jar . Vulnerability Details **...
7.5CVSS
7.4AI Score
0.001EPSS
Security Vulnerability in Saflok’s RFID-Based Keycard Locks
It's pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of.....
7.7AI Score
Exploit for Out-of-bounds Write in Google Android
Fluoride Bluetooth stack Building and running on AOSP...
9.8CVSS
7.4AI Score
0.001EPSS
Sharepoint Dynamic Proxy Generator Remote Command Execution Exploit
This Metasploit module exploits two vulnerabilities in Sharepoint 2019 - an authentication bypass as noted in CVE-2023-29357 which was patched in June of 2023 and CVE-2023-24955 which was a remote command execution vulnerability patched in May of 2023. The authentication bypass allows attackers to....
9.8CVSS
8.1AI Score
0.89EPSS
10CVSS
7.4AI Score
0.873EPSS
9.8CVSS
7.4AI Score
0.89EPSS
Internet Bug Bounty: Path traversal by monkey-patching Buffer internals
Summary: In Node.js 20 and Node.js 21, the permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.from() to obtain a Buffer from the result of path.resolve().....
9.8CVSS
7AI Score
EPSS
getgrav/grav is vulnerable to Path Traversal. The vulnerability is due to missing .. sanitization of upload file paths, which allows an attacker to replace or create files with specific extensions such as .json, .zip, .css, .gif,...
8.8CVSS
6.8AI Score
0.0004EPSS
Snowflake Hive MetaStore Connector is vulnerable to Improper Privilege Management. The vulnerability is caused due to improper content validation within the add_snowflake_hive_metastore_connector_script_action.sh script, allowing a malicious actor to replace the valid content with malicious code,.....
4CVSS
6.6AI Score
0.0004EPSS
9.8CVSS
7AI Score
0.873EPSS
Simple Buttons Creator <= 1.04 - Unauthenticated Stored XSS
Description The plugin does not have any authorisation as well as CSRF in its add button function, allowing unauthenticated users to call them either directly or via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also allow them to perform Stored Cross-Site...
8.3AI Score
0.0004EPSS
Advance Search <= 1.1.6 - Shortcode Deletion via CSRF
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF...
6.8AI Score
0.0004EPSS
Simple Buttons Creator <= 1.04 - Unauthenticated Stored XSS
Description The plugin does not have any authorisation as well as CSRF in its add button function, allowing unauthenticated users to call them either directly or via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also allow them to perform Stored Cross-Site...
8.4AI Score
0.0004EPSS
10CVSS
7.4AI Score
0.873EPSS
Advance Search <= 1.1.6 - Shortcode Deletion via CSRF
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks PoC Make a logged in admin open the following HTML (replace FORM_ID with a valid ID): The security field isn't validated and the...
6.4AI Score
0.0004EPSS
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:0976-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0976-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after...
7.8CVSS
7.6AI Score
EPSS
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:0925-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0925-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free ...
7.8CVSS
7.7AI Score
EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0926-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0926-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap...
7.8CVSS
7.4AI Score
EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0977-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0977-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after...
7.8CVSS
8.3AI Score
EPSS
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:0975-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0975-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap...
7.8CVSS
8.1AI Score
EPSS
Grav File Upload Path Traversal
Summary Grav is vulnerable to a file upload path traversal vulnerability, that can allow an adversary to replace or create files with extensions such as .json, .zip, .css, .gif, etc. This vulnerabiltiy can allow attackers to inject arbitrary code on the server, undermine integrity of backup files.....
8.8CVSS
9.4AI Score
0.0004EPSS
Grav File Upload Path Traversal
Summary Grav is vulnerable to a file upload path traversal vulnerability, that can allow an adversary to replace or create files with extensions such as .json, .zip, .css, .gif, etc. This vulnerabiltiy can allow attackers to inject arbitrary code on the server, undermine integrity of backup files.....
8.8CVSS
9.4AI Score
0.0004EPSS
Checkmk < 2.1.0p41, 2.2.x < 2.2.0p24, 2.3.x < 2.3.0b4 Multiple Privilege Escalation Vulnerabilities
Checkmk is prone to multiple privilege escalation ...
8.8CVSS
7.2AI Score
0.0004EPSS
Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical security flaw poses....
8.8CVSS
7.3AI Score
0.0004EPSS
Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical security flaw poses....
8.8CVSS
8.9AI Score
0.0004EPSS
Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical security flaw poses....
8.8CVSS
8.9AI Score
0.0004EPSS
CVE-2024-27921 Grav File Upload Path Traversal vulnerability
Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical security flaw poses....
8.8CVSS
9.1AI Score
0.0004EPSS