CVE-2024-33621 ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound Raw packet from PF_PACKET socket on top of an IPv6-backed ipvlan device will hit WARN_ON_ONCE() in sk_mc_loop() through sch_direct_xmit() path. WARNING: CPU: 2 PID: 0 at....
0.0004EPSS
CVE-2024-33619 efi: libstub: only free priv.runtime_map when allocated
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...
0.0004EPSS
CVE-2024-31076 genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of interrupt affinity reconfiguration via procfs. Instead, the change is deferred until the...
0.0004EPSS
CVE-2023-52884 Input: cyapa - add missing input core locking to suspend/resume functions
In the Linux kernel, the following vulnerability has been resolved: Input: cyapa - add missing input core locking to suspend/resume functions Grab input->mutex during suspend/resume functions like it is done in other input drivers. This fixes the following warning during system suspend/resume...
0.0004EPSS
silverstripe/framework is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to improper input validation of HTML content, which allows authenticated users with page edit permission to perform...
6.3AI Score
typo3/cms is vulnerable to Insecure Deserialization. The vulnerability is due to the execution of source code from Phar files when they are invoked. Due to missing sanitization of user input, attackers can upload obfuscated Phar files ("bundle.txt") and manipulate URLs in TYPO3 backend forms to...
7.6AI Score
Oyster Backdoor Spreading via Trojanized Popular Software Downloads
A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster (aka Broomstick and CleanUpLoader). That's according to findings from Rapid7, which identified lookalike websites hosting the malicious...
7.5AI Score
silverstripe/framework is vulnerable to Account Takeover. The vulnerability is due to plain text storage of user login attempts, which may include sensitive data like passwords mistyped into the username field. The vulnerability allows an attacker to gain unauthorized access to user credentials....
7AI Score
typo3/cms is vulnerable to Authentication Bypass. The vulnerability is due to late TCA initialization, which fails to restrict frontend users according to the validation rules, allowing attackers to authenticate restricted (e.g., disabled) frontend...
7.1AI Score
CVE-2024-33873 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-33873 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32615 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32615 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2023-49568 affecting package cri-o for versions less than 1.30.1-1
CVE-2023-49568 affecting package cri-o for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this...
7.5CVSS
6.9AI Score
0.0005EPSS
CVE-2024-28182 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-28182 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this...
5.3CVSS
7.1AI Score
0.0004EPSS
CVE-2024-32621 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32621 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2022-23639 affecting package librsvg2 for versions less than 2.58.1-1
CVE-2022-23639 affecting package librsvg2 for versions less than 2.58.1-1. An upgraded version of the package is available that resolves this...
8.1CVSS
6.9AI Score
0.003EPSS
CVE-2022-2879 affecting package cri-o for versions less than 1.30.1-1
CVE-2022-2879 affecting package cri-o for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2024-28863 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-28863 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this...
6.5CVSS
6.9AI Score
0.0004EPSS
CVE-2023-45288 affecting package cri-o for versions less than 1.30.1-1
CVE-2023-45288 affecting package cri-o for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this...
6.9AI Score
0.0004EPSS
CVE-2024-29160 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29160 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-29161 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29161 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-31852 affecting package llvm for versions less than 18.1.2-3
CVE-2024-31852 affecting package llvm for versions less than 18.1.2-3. A patched version of the package is...
7AI Score
0.0004EPSS
CVE-2019-11835 affecting package libglvnd for versions less than 1.7.0-2
CVE-2019-11835 affecting package libglvnd for versions less than 1.7.0-2. A patched version of the package is...
9.8CVSS
7AI Score
0.005EPSS
CVE-2024-32619 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32619 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32611 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32611 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32620 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32620 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-29164 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29164 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-0553 affecting package gnutls for versions less than 3.8.3-1
CVE-2024-0553 affecting package gnutls for versions less than 3.8.3-1. An upgraded version of the package is available that resolves this...
7.5CVSS
7.1AI Score
0.008EPSS
CVE-2013-6381 affecting package kernel for versions less than 6.6.29.1-4
CVE-2013-6381 affecting package kernel for versions less than 6.6.29.1-4. An upgraded version of the package is available that resolves this...
6.8AI Score
0.0004EPSS
CVE-2014-0069 affecting package kernel for versions less than 6.6.29.1-4
CVE-2014-0069 affecting package kernel for versions less than 6.6.29.1-4. A patched version of the package is...
7.1AI Score
0.0004EPSS
CVE-2023-46853 affecting package memcached for versions less than 1.6.27-1
CVE-2023-46853 affecting package memcached for versions less than 1.6.27-1. An upgraded version of the package is available that resolves this...
9.8CVSS
6.9AI Score
0.001EPSS
CVE-2022-29526 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
CVE-2022-29526 affecting package sriov-network-device-plugin for versions less than 3.7.0-1. An upgraded version of the package is available that resolves this...
5.3CVSS
6.2AI Score
0.002EPSS
CVE-2024-24786 affecting package kubernetes for versions less than 1.30.1-1
CVE-2024-24786 affecting package kubernetes for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this...
6.7AI Score
0.0004EPSS
CVE-2024-22025 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-22025 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this...
6.5CVSS
7AI Score
0.0004EPSS
CVE-2024-22017 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-22017 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this...
7.3CVSS
6.9AI Score
0.0004EPSS
CVE-2024-4603 affecting package nodejs for versions less than 20.14.0-1
CVE-2024-4603 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this...
6.9AI Score
0.0004EPSS
CVE-2024-26908 affecting package kernel for versions less than 6.6.29.1-4
CVE-2024-26908 affecting package kernel for versions less than 6.6.29.1-4. An upgraded version of the package is available that resolves this...
6.9AI Score
0.0004EPSS
CVE-2024-0607 affecting package kernel for versions less than 6.6.29.1-4
CVE-2024-0607 affecting package kernel for versions less than 6.6.29.1-4. A patched version of the package is...
6.6CVSS
6.9AI Score
0.0004EPSS
CVE-2023-42282 affecting package nodejs for versions less than 20.14.0-1
CVE-2023-42282 affecting package nodejs for versions less than 20.14.0-1. An upgraded version of the package is available that resolves this...
9.8CVSS
6.9AI Score
0.001EPSS
CVE-2024-3727 affecting package ig for versions less than 0.29.0-1
CVE-2024-3727 affecting package ig for versions less than 0.29.0-1. An upgraded version of the package is available that resolves this...
8.3CVSS
6.9AI Score
0.0004EPSS
CVE-2021-21334 affecting package cri-o for versions less than 1.30.1-1
CVE-2021-21334 affecting package cri-o for versions less than 1.30.1-1. An upgraded version of the package is available that resolves this...
6.3CVSS
6.9AI Score
0.001EPSS
CVE-2021-38190 affecting package librsvg2 for versions less than 2.58.1-1
CVE-2021-38190 affecting package librsvg2 for versions less than 2.58.1-1. An upgraded version of the package is available that resolves this...
9.8CVSS
7AI Score
0.002EPSS
CVE-2024-33874 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-33874 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32622 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32622 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32607 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32607 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-29158 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29158 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32610 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32610 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-29166 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-29166 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32609 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32609 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-32614 affecting package hdf5 for versions less than 1.14.4.3-1
CVE-2024-32614 affecting package hdf5 for versions less than 1.14.4.3-1. An upgraded version of the package is available that resolves this...
7AI Score
EPSS
CVE-2024-28757 affecting package expat for versions less than 2.6.2-1
CVE-2024-28757 affecting package expat for versions less than 2.6.2-1. An upgraded version of the package is available that resolves this...
6.9AI Score
0.0004EPSS