CVE-2024-24919 Usage Usage: ./CVE-2024-24919.sh -i ...
8.6CVSS
6.3AI Score
0.945EPSS
CVE-2024-24919 Usage Usage: ./CVE-2024-24919.sh -i ...
8.6CVSS
6.3AI Score
0.945EPSS
7.4AI Score
HP LaserJet Printers XSS (HPSBPI03940)
Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the device. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
6.1AI Score
0.0004EPSS
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1870-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1870-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following...
7.8CVSS
8.9AI Score
EPSS
Rockwell Studio 5000 Logix Designer < V34 Code Hiding
The version of Rockwell Studio 5000 Logix Designer installed on the remote Windows host is prior to V34. It is, therefore, affected by a vulnerability. An attacker who achieves administrator access on a workstation running Studio 5000 Logix Designer could inject controller code undetectable...
7.7CVSS
7.4AI Score
0.001EPSS
Lexmark CX331adwe Firmware Downgrade Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /usr/bin/hydra service, which listens on TCP port 9100 by...
7.3AI Score
EPSS
K000139859: Envoy vulnerability CVE-2024-30255
Security Advisory Description Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send an....
5.3CVSS
6.7AI Score
0.0004EPSS
CVE-2024-24919 Quick and simple script that takes as input a...
8.6CVSS
6.2AI Score
0.945EPSS
Summary Node.js is used as runtime and SDK for Apache Cordova applications within IBM Rational Developer for i RPG and COBOL + Modernization Tools, Java Edition. Information about security vulnerabilities affecting Node.js has been published in a security bulletin. This bulletin identifies the...
8.2CVSS
6.6AI Score
0.0004EPSS
Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...
9.8CVSS
8.7AI Score
0.039EPSS
Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...
9.8CVSS
7.2AI Score
0.039EPSS
Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...
9.8CVSS
9.5AI Score
0.039EPSS
CVE-2024-24919......
8.6CVSS
6.3AI Score
0.945EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix firmware check error path A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail. Make sure to...
7.1AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix firmware check error path A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail. Make sure to...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix firmware check error path A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail. Make sure...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI bus the PE is...
5.5CVSS
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI bus the PE is...
5.5CVSS
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI bus the PE is...
5.5CVSS
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() Currently, enabling SG_DEBUG in the kernel will cause nouveau to hit a BUG() on startup: kernel BUG at include/linux/scatterlist.h:187! invalid opcode: 0000 [#1]...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() Currently, enabling SG_DEBUG in the kernel will cause nouveau to hit a BUG() on startup: kernel BUG at include/linux/scatterlist.h:187! invalid opcode: 0000...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() Currently, enabling SG_DEBUG in the kernel will cause nouveau to hit a BUG() on startup: kernel BUG at include/linux/scatterlist.h:187! invalid opcode: 0000 [#1]...
6.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the...
6.7AI Score
0.0004EPSS
CVE-2024-36942 Bluetooth: qca: fix firmware check error path
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix firmware check error path A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail. Make sure to...
6.8AI Score
0.0004EPSS
CVE-2024-36942 Bluetooth: qca: fix firmware check error path
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix firmware check error path A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail. Make sure to...
7.2AI Score
0.0004EPSS
CVE-2024-36926 powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI bus the PE is...
6.8AI Score
0.0004EPSS
CVE-2024-36926 powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI bus the PE is...
6.3AI Score
0.0004EPSS
CVE-2024-36885 drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() Currently, enabling SG_DEBUG in the kernel will cause nouveau to hit a BUG() on startup: kernel BUG at include/linux/scatterlist.h:187! invalid opcode: 0000 [#1]...
6.3AI Score
0.0004EPSS
CVE-2024-36885 drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() Currently, enabling SG_DEBUG in the kernel will cause nouveau to hit a BUG() on startup: kernel BUG at include/linux/scatterlist.h:187! invalid opcode: 0000 [#1]...
6.7AI Score
0.0004EPSS
CVE-2024-36880 Bluetooth: qca: add missing firmware sanity checks
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced...
6.6AI Score
0.0004EPSS
CVE-2024-36880 Bluetooth: qca: add missing firmware sanity checks
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced...
7AI Score
0.0004EPSS
CVE-2024-36033 Bluetooth: qca: fix info leak when fetching board id
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the...
6.4AI Score
0.0004EPSS
CVE-2024-36033 Bluetooth: qca: fix info leak when fetching board id
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the...
6.8AI Score
0.0004EPSS
Checkpoint POC Exploit for testing purposes to retrieve...
8.6CVSS
6.2AI Score
0.945EPSS
RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability
The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware, which now...
10CVSS
10AI Score
0.976EPSS
(RHSA-2024:3497) Important: edk2 security update
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234) edk2: Buffer...
7.4AI Score
0.001EPSS
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
By Anna Bennett, Nicole Hoffman, Asheer Malhotra, Sean Taylor and Brandon White. Cisco Talos is disclosing a new suspected data theft campaign, active since at least 2021, we attribute to an advanced persistent threat actor (APT) we're calling "LilacSquid." LilacSquid's victimology includes a...
7.8AI Score
Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series (Update C)
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, iQ-L Series and MELIPC Series Vulnerability: Improper Resource Shutdown or Release 2. RISK EVALUATION Successful exploitation of this vulnerability could...
7.5CVSS
7.7AI Score
0.002EPSS
Baxter Welch Allyn Connex Spot Monitor
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Welch Allyn Connex Spot Monitor (CSM) Vulnerability: Use of Default Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify device...
7AI Score
0.0004EPSS
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Westermo Equipment: EDW-100 Vulnerabilities: Use of Hard-coded Password, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow...
9.8CVSS
7.7AI Score
EPSS
7.4AI Score
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE At the time of LPAR boot up, partition firmware provides Open Firmware property ibm,dma-window for the PE. This property is provided on the PCI bus the PE is...
5.5CVSS
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix firmware check error path A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail. Make sure to...
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced...
7.4AI Score
0.0004EPSS