
4419 matches found

Circl
added 2024/01/26 2:26 a.m., 11 views

CVE-2024-0402

| creationtimestamp | type | source |
|---|---|---|
| 2024-01-26 02:26:35+00:00 | seen | https://t.me/ctinow/173953 |
| 2024-01-26 11:56:47+00:00 | seen | https://t.me/ctinow/174171 |
| 2024-01-26 12:46:40+00:00 | published-proof-of-concept | https://t.me/techb0ltGenona/4239 |
| 2024-01-28 13:16:07+00:00 | seen | ... |

CVSS 9.9, AI score 8.9, EPSS 0.03302
Exploits 0, References 25
IBM Security Bulletins
added 2024/01/24 10:2 a.m., 35 views

Security Bulletin: IBM Event Processing is vulnerable to Improper Input Validation due to the PostCSS (CVE-2023-44270).

Summary Operator of IBM Event Processing is vulnerable to Improper Input Validation due to the postcss-8.4.21.tgz before 8.4.31. PostCSS is a tool for transforming CSS with JavaScript plugins and this is a dev dependency used by Event Processing Team. CVE-2023-44270. Vulnerability Details...

CVSS 5.3, AI score 5.5, EPSS 0.00822
Exploits 0, Affected Software 1
Citrix
added 2024/01/22 12:0 a.m., 7 views

How to start to use device certificate check in Device Posture

The following Citrix document introduces the Device Certificate check in Device Posture (one part of SPA Service). This article explains how to submit a request to start using it. Device certificate check with Device Posture service - Preview...

AI score 6.9
Exploits 0
OSV
added 2024/01/21 12:0 p.m., 21 views

RUSTSEC-2024-0006 Multiple issues involving quote API

Issue 1: Failure to quote characters Affected versions of this crate allowed the bytes and \xa0 to appear unquoted and unescaped in command arguments. If the output of quote or join is passed to a shell, then what should be a single command argument could be interpreted as multiple arguments. Thi...

CVSS 9.8, AI score 7.3, EPSS 0.0078
Exploits 0, References 3
The Hacker News
added 2024/01/18 12:34 p.m., 34 views

TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks

Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of...

AI score 8.9
Exploits 0
OpenVAS
added 2024/01/18 12:0 a.m., 15 views

Fedora: Security Advisory for python3-docs (FEDORA-2023-0583eedde7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 5.3, AI score 6, EPSS 0.02507
Exploits 1, References 2
OSV
added 2024/01/16 12:32 p.m., 12 views

SUSE-SU-2024:0120-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the...

CVSS 7.8, AI score 7.1, EPSS 0.12746
Exploits 11, References 18
OpenVAS
added 2024/01/16 12:0 a.m., 21 views

SUSE: Security Advisory (SUSE-SU-2024:0106-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 8.8, AI score 6.4, EPSS 0.04322
Exploits 0, References 16
IBM Security Bulletins
added 2024/01/15 11:33 a.m., 41 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Node.js

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Node.js (CVE-2023-44487). Vulnerability Details CVEID: CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a flaw in handling...

CVSS 7.5, AI score 7.7, EPSS 0.99999
Exploits 19, Affected Software 2
Prion
added 2024/01/15 7:15 a.m., 14 views

Design/Logic Flaw

Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data...

CVSS 2.1, AI score 7.2, EPSS 0.00238
Exploits 0, References 2
Vulnrichment
added 2024/01/15 6:53 a.m., 5 views

CVE-2024-22028

Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data...

AI score 4.7, EPSS 0.00238
Exploits 0, References 2
Cvelist
added 2024/01/15 6:53 a.m., 20 views

CVE-2024-22028

Insufficient technical documentation issue exists in thermal camera TMC series all firmware versions. The user of the affected product is not aware of the internally saved data. By accessing the affected product physically, an attacker may retrieve the internal data...

AI score 5, EPSS 0.00238
Exploits 0, References 2
CVE
added 2024/01/15 6:53 a.m., 55 views

CVE-2024-22028

Thermal camera TMC series from 3R SOLUTION JAPAN is affected across all firmware versions due to insufficient technical documentation (CWE-1059). The documentation fails to describe network interface presence and internal storage of pictures/measurements, enabling physical access to reveal stored...

CVSS 4.6, AI score 4.8, EPSS 0.00238
Exploits 0, References 2, Affected Software 1
Japan Vulnerability Notes
added 2024/01/15 6:19 a.m., 2 views

Thermal camera TMC series vulnerable to insufficient technical documentation

Overview Thermal camera TMC series provided by THREE R SOLUTION CORP. JAPAN are vulnerable to insufficient technical documentation (CWE-1059). The related documentation does not describe the existence of the network interface, nor the internal storage for pictures and measurement data. Hiroyuki...

CVSS 4.6, AI score 6.5, EPSS 0.00238
Exploits 0, References 5
CNNVD
added 2024/01/15 12:0 a.m., 3 views

3R SOLUTION Thermal camera TMC series Security Vulnerability

The 3R SOLUTION Thermal camera TMC series is a series of thermal cameras from 3R SOLUTION, Japan. A security vulnerability exists in 3R SOLUTION Thermal camera TMC series, which is caused due to insufficient technical documentation, where the user is unaware of the internally stored data and an...

CVSS 4.6, AI score 6.6, EPSS 0.00238
Exploits 0, References 4
Japan Vulnerability Notes
added 2024/01/15 12:0 a.m., 26 views

JVN#96240417: Thermal camera TMC series vulnerable to insufficient technical documentation

Thermal camera TMC series provided by THREE R SOLUTION CORP. JAPAN are vulnerable to insufficient technical documentation (CWE-1059). The related documentation does not describe the existence of the network interface, nor the internal storage for pictures and measurement data. Impact The user of th...

CVSS 4.6, AI score 4.6, EPSS 0.00238
Exploits 0
Fedora
added 2024/01/13 6:13 p.m., 17 views

[SECURITY] Fedora 38 Update: ppp-2.4.9-10.fc38

The ppp package contains the PPP (Point-to-Point Protocol) daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP (Internet Service Provider) or other organization over a modem...

CVSS 6.5, AI score 7.3, EPSS 0.00821
Exploits 0
OSV
added 2024/01/11 3:1 p.m., 7 views

OPENSUSE-SU-2024:0017-1 Security update for python-django-grappelli

This update for python-django-grappelli fixes the following issues: Update to 2.14.4: - CVE-2021-46898: Fixed views/switch.py vulnerable to protocol-relative URL attacks boo1216481 - Fixed: Redirect with switch user. - Improved: Remove extra filtering in AutocompleteLookup. - Improved: Added impo...

CVSS 6.1, AI score 6.2, EPSS 0.0047
Exploits 1, References 3
Wallarm Lab
added 2024/01/10 2:44 p.m., 10 views

What Is Policy-as-Code

Decoding the Enigma: Policy-as-Code Explained The Information Technology (IT) sector can often feel like a maze of intricate jargon and theories. A phrase gaining traction in this field is Policy-as-Code (PaC). However, what does Policy-as-Code entail? Let's demystify this enigma. Policy-as-Code...

AI score 6.8
Exploits 0
Fedora
added 2024/01/04 1:38 a.m., 20 views

[SECURITY] Fedora 38 Update: python3-docs-3.11.7-1.fc38

The python3-docs package contains documentation on the Python 3 programming language and interpreter...

CVSS 5.3, AI score 5.3, EPSS 0.02507
Exploits 1