Lucene search
K

6348 matches found

Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.28 views

Mitsubishi Electric MELSEC iQ-R Series Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-20594)

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions allows a remote unauthenticated attacker to acquire legitimate user names registered in the module via...

9.1CVSS7.9AI score0.0237EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.21 views

Schneider Electric Modicon Cleartext Transmission of Sensitive Information (CVE-2019-6846)

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause information disclosure when using the FTP protocol. This plugin only works with Tenable.ot. Please visit...

6.5CVSS6.5AI score0.00981EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.24 views

Mitsubishi Electric MELSEC-Q QJ71E71 series Improper Synchronization (CVE-2016-8368)

An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to conne...

8.6CVSS7.9AI score0.02615EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.19 views

Schneider Electric Modicon Cross-Site Request Forgery (CVE-2013-0663)

Cross-site request forgery CSRF vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote attackers to hijack the authentication of arbitrary...

6.8CVSS6AI score0.0596EPSS
Exploits4References5
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.6 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-23576 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-23576 Source advisory: OSV:PYSEC-2022-140...

6.5CVSS6.5AI score0.00783EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.4 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-23557 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-23557 Source advisory: OSV:PYSEC-2022-121...

6.5CVSS6.5AI score0.00757EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/02/04 11:15 p.m.4 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-23582 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-23582 Source advisory: OSV:PYSEC-2022-146...

6.5CVSS6.5AI score0.00783EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2022/02/03 4:10 p.m.2 views

golang: Command-line arguments may overwrite global data

A flaw was found in golang. This vulnerability can only be triggered when invoking functions from vulnerable WASM WebAssembly Modules. Go can be compiled to WASM. If the product or service doesn't use WASM functions, it is not affected, although it uses golang...

9.8CVSS7.1AI score0.10299EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2022/02/03 1:15 p.m.6 views

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +170 more potentially affected by CVE-2022-21729 via tensorflow-gpu (>=1.10.1 <=2.5.1)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-21729 Source advisory: OSV:PYSEC-2022-108...

6.5CVSS6.5AI score0.00783EPSS
Exploits1
Rockylinux
Rockylinux
added 2022/02/03 9:29 a.m.27 views

varnish:6 security update

An update is available for varnish, varnish-modules. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Varnish Cache is a high-performance HTTP accelerator. It...

9.1CVSS9AI score0.01957EPSS
Exploits0
Oracle linux
Oracle linux
added 2022/02/03 12:0 a.m.29 views

varnish:6 security update

varnish 6.0.8-1.1 - Resolves: 2047648 - CVE-2022-23959 varnish:6/varnish: Varnish HTTP/1 Request Smuggling Vulnerability varnish-modules 0.15.0-6 - Related: 1982862 - rebuild for new varnish version...

9.1CVSS2.5AI score0.01957EPSS
Exploits0
OSV
OSV
added 2022/02/02 12:46 p.m.5 views

OPENSUSE-SU-2022:0024-1 Security update for lighttpd

This update for lighttpd fixes the following issues: lighttpd was updated to 1.4.64: CVE-2022-22707: off-by-one stack overflow in the modextforward plugin boo1194376 graceful restart/shutdown timeout changed from 0 disabled to 8 seconds. configure an alternative with: server.feature-flags +=...

5.9CVSS6.8AI score0.08969EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2019-0328)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.08042EPSS
Exploits0References7
hivepro
hivepro
added 2022/01/26 5:39 a.m.14 views

MoonBounce: New malware deployed by APT41 in UEFI firmware

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. MoonBounce is a new type of malware that hides in the most complex part of an Operating System OS, the Basic Input Output System BIOS chip, and thus persists even after reinstalling your OS or formatting your hard drive...

0.5AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/20 10:43 p.m.137 views

Security Bulletin: IBM MaaS360 Cloud Extender and Modules have various vulnerabilities (CVE-2021-22924, CVE-2021-3712)

Summary A vulnerability contained within a 3rd party component was identified and remediated in the IBM MaaS360 Cloud Extender Agent V2.106.100.008 and Modules. Vulnerability Details CVEID: CVE-2021-22924 DESCRIPTION: An unspecified error with bad connection reused due to improper path name...

7.4CVSS6.4AI score0.50445EPSS
Exploits1Affected Software1
Huntr
Huntr
added 2022/01/17 4:52 a.m.9 views

Cross-site Scripting (XSS) - Stored in zikula/core

Description In zikula/core cross site scripting vulnerability is present in block modules block list description field. This commit e453ad not properly santize the input. Proof of Concept login to the demo account go to blocks https://demo.ziku.la/blocks/admin/view Add payload in block list...

6.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/01/17 12:0 a.m.4 views

The vulnerability of WebKitGTK and WPE WebKit’s display modules, related to memory management after memory is freed, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of Web page rendering modules in WebKitGTK and WPE WebKit relates to the use of memory after it is released. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures due to malicious web content...

9.3CVSS6.9AI score0.02095EPSS
Exploits2References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/01/17 12:0 a.m.5 views

The vulnerability of WebKitGTK and WPE WebKit’s display modules is related to authentication procedures that allow attackers to access confidential data and compromise its integrity.

The vulnerability of Web page rendering modules in WebKitGTK and WPE WebKit is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data and compromise its integrity through a malicious website...

5.8CVSS6.5AI score0.01238EPSS
Exploits0References8Affected Software5
OSV
OSV
added 2022/01/11 12:15 p.m.6 views

CVE-2021-45033

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70°C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses...

8.8CVSS7.2AI score
Exploits0References1
Gitee
Gitee
added 2022/01/09 4:18 p.m.5 views

vulhub

This is an open-source collection of vulnerable systems and applications for educational purposes. The repository is maintained by phith0n and is available on GitHub. It contains a variety of vulnerable systems and applications, including web applications, databases, and operating systems. The...

8AI score
Exploits0
Rows per page
Query Builder