
4755 matches found

OSV
added 2024/11/22 2:23 p.m. | 3 views

OESA-2024-2453 openjdk-11 security update

The OpenJDK runtime environment. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23...

CVSS 4.8 | AI score 5.7 | EPSS 0.01157
Exploits: 0 | References: 6

The Hacker News
added 2024/11/21 11:0 a.m. | 9 views

Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online

New research has uncovered more than 145,000 internet-exposed Industrial Control Systems (ICS) across 175 countries, with the U.S. alone accounting for over one-third of the total exposures. The analysis, which comes from attack surface management company Censys, found that 38% of the devices are...

AI score 7.6
Exploits: 0

CNVD
added 2024/11/21 12:0 a.m. | 6 views

GNU Wget Code Problem Vulnerability

GNU Wget is a set of free software from the American GNU community for downloading over the Internet, which supports downloading over the three most common TCP/IP protocols: HTTP, HTTPS, and FTP. A code issue vulnerability exists in GNU Wget that stems from an application using Wget to access...

CVSS 6.5 | AI score 7 | EPSS 0.0111
Exploits: 0 | References: 1

The Hacker News
added 2024/11/20 6:58 a.m. | 7 views

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

A new China-linked cyber espionage group has been attributed as behind a series of targeted cyber attacks targeting telecommunications entities in South Asia and Africa since at least 2020 with the goal of enabling intelligence collection. Cybersecurity company CrowdStrike is tracking the adversa...

AI score 7.2
Exploits: 0

Gentoo Linux
added 2024/11/17 12:0 a.m. | 6 views

GnuTLS: Multiple Vulnerabilities

Background: GnuTLS is a secure communications library implementing the SSL, TLS, and DTLS protocols. Description: Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact: Please review the referenced CVE identifiers for details...

CVSS 7.5 | AI score 10 | EPSS 0.01614
Exploits: 3

Tenable Nessus
added 2024/11/13 12:0 a.m. | 12 views

IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7175229)

The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7175229 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...

CVSS 7.4 | AI score 6.6 | EPSS 0.01257
Exploits: 0 | References: 8

RedHat Linux
added 2024/11/12 9:5 a.m. | 30 views

Moderate: Red Hat Security Advisory: lldpd security update

An update for lldpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 9.8 | AI score 7.1 | EPSS 0.03235
Exploits: 0 | References: 8

CNNVD
added 2024/11/05 12:0 a.m. | 7 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure of the net: fec module to properly handle PTP state saving when dealing with unsupported PTPs,...

CVSS 5.5 | AI score 6.5 | EPSS 0.00229
Exploits: 0 | References: 4

BDU FSTEC
added 2024/10/30 12:0 a.m. | 6 views

The vulnerability of the BaseBindToMachine() function in the advapi32.dll library of the WinReg client on Windows operating systems allows a perpetrator to escalate their privileges.

The vulnerability of the BaseBindToMachine function in the advapi32.dll library of the WinReg client on Windows operating systems is related to the transfer of NTLM authentication data to the Active Directory Certificate Services ADCS service due to the use of outdated transport protocols...

CVSS 9 | AI score 5.8 | EPSS 0.11709
Exploits: 0 | References: 8

F5 Networks
added 2024/10/29 7:8 p.m. | 16 views

K000148311: MySQL vulnerabilities CVE-2024-21201, CVE-2024-21230, and CVE-2024-21200

Security Advisory Description CVE-2024-21201 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker wit...

CVSS 6.5 | AI score 5.9 | EPSS 0.00936
Exploits: 0

Packet Storm
added 2024/10/29 12:0 a.m. | 219 views

ABB Cylon Aspect 3.08.01 Active Debug Data Exposure

ABB Cylon Aspect 3.08.01 auth/ Active Debug Code Vulnerability Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: 3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

AI score 7.4
Exploits: 0

OSV
added 2024/10/24 5:15 p.m. | 3 views

CVE-2024-44206

An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. A user may be able to bypass some web content restrictions...

CVSS 9.3 | AI score 5.7 | EPSS 0.00468
Exploits: 0 | References: 7

Vulnrichment
added 2024/10/24 4:40 p.m. | 18 views

CVE-2024-44206

An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. A user may be able to bypass some web content restrictions...

AI score 5.8 | EPSS 0.00468
Exploits: 0 | References: 6

Microsoft CVE
added 2024/10/23 7:0 a.m. | 7 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L).

...

CVSS 3.1 | AI score 6.7 | EPSS 0.00879
Exploits: 0

Microsoft CVE
added 2024/10/23 7:0 a.m. | 5 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

CVSS 4.9 | AI score 6.7 | EPSS 0.00856
Exploits: 0

Microsoft CVE
added 2024/10/23 7:0 a.m. | 2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H).

...

CVSS 5.9 | AI score 6.5 | EPSS 0.00728
Exploits: 0

Microsoft CVE
added 2024/10/23 7:0 a.m. | 3 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

CVSS 4.9 | AI score 6.6 | EPSS 0.0085
Exploits: 0

Microsoft CVE
added 2024/10/23 7:0 a.m. | 2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38 and prior 8.4.1 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

CVSS 4.9 | AI score 6.1 | EPSS 0.00852
Exploits: 0

Microsoft CVE
added 2024/10/23 7:0 a.m. | 3 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

CVSS 4.9 | AI score 6.7 | EPSS 0.00873
Exploits: 0

Microsoft CVE
added 2024/10/23 7:0 a.m. | 4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

CVSS 4.9 | AI score 6.7 | EPSS 0.00949
Exploits: 0