AVEVA Software, LLC. Security Vulnerabilities

cvelist

CVE-2024-26635 llc: Drop support for ETH_P_TR_802_2.

In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the bug. write$tun(r0,...

6.3 AI Score

0.0004 EPSS

2024-03-18 10:14 AM
1
cve

CVE-2023-20598

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code...

7.8 CVSS

7.6 AI Score

0.0004 EPSS

2023-10-17 02:15 PM
36
nuclei

Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect

Polarisft Intellect Core Banking Software Version 9.7.1 is susceptible to an open redirect issue in the Core and Portal modules via the /IntellectMain.jsp?IntellectSystem=...

6.1 CVSS

6.2 AI Score

0.001 EPSS

2022-04-18 08:33 AM
3
cve

CVE-2020-3259

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...

7.5 CVSS

7.7 AI Score

0.027 EPSS

2020-05-06 05:15 PM
138
In Wild
vulnrichment

CVE-2024-26625 llc: call sock_orphan() at release time

In the Linux kernel, the following vulnerability has been resolved: llc: call sock_orphan() at release time syzbot reported an interesting trace [1] caused by a stale sk->sk_wq pointer in a closed llc socket. In commit ff7b11aa481f ("net: socket: set sock->sk to NULL after calling...

6.4 AI Score

0.0004 EPSS

2024-03-06 06:45 AM
1
cvelist

CVE-2024-26625 llc: call sock_orphan() at release time

In the Linux kernel, the following vulnerability has been resolved: llc: call sock_orphan() at release time syzbot reported an interesting trace [1] caused by a stale sk->sk_wq pointer in a closed llc socket. In commit ff7b11aa481f ("net: socket: set sock->sk to NULL after calling...

7.4 AI Score

0.0004 EPSS

2024-03-06 06:45 AM
1
nuclei

Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion

Portal do Software Publico Brasileiro i3geo 7.0.5 is vulnerable to local file inclusion in the component codemirror.php, which allows attackers to execute arbitrary PHP code via a crafted HTTP...

9.8 CVSS

9.4 AI Score

0.473 EPSS

2022-07-21 02:30 AM
4
ibm

Security Bulletin: IBM QRadar Suite software is vulnerable to injection attacks (CVE-2023-47726)

Summary IBM QRadar Suite software is vulnerable to injection attacks through dashboard input. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability...

7.1 CVSS

7.9 AI Score

0.0004 EPSS

2024-06-17 08:13 PM
2
ibm

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to protobuf-go, libcurl, libexpat, Java SE, IBM GSKit-Crypto, open redirect, buffer overflow condition and golang-fips/openssl vulnerabilities.

Summary IBM MQ Operator and Queue manager container images are vulnerable to protobuf-go, libcurl, libexpat, golang-fips/openssl which were identified in RedHat UBI. IBM MQ is vulnerable to a buffer overflow condition, phishing attacks in open redirect, Java SE, IBM GSKit-Crypto. This bulletin...

7.5 CVSS

9 AI Score

0.001 EPSS

2024-04-30 07:19 AM
15
cve

CVE-2019-17449

Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. NOTE: The vendor thinks that this vulnerability is invalid because exploiting it would require at least administrator privileges and would gain only SYSTEM...

6.7 CVSS

6.6 AI Score

0.0004 EPSS

2019-10-10 04:15 PM
29
cisco

Cisco Firepower Management Center Software SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately...

8.5 AI Score

0.001 EPSS

2024-05-22 04:00 PM
23
ubuntucve

CVE-2023-52843

In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llc_rcv on a tun device. Tun can insert packets without mac len...

6.4 AI Score

0.0004 EPSS

2024-05-21 12:00 AM
4
cve

CVE-2024-0496

A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file item_list_edit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated...

9.8 CVSS

9.7 AI Score

0.001 EPSS

2024-01-13 05:15 PM
35
debiancve

CVE-2023-52843

In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llc_rcv on a tun device. Tun can insert packets without mac len...

6.4 AI Score

0.0004 EPSS

2024-05-21 04:15 PM
3
debiancve

CVE-2024-38390

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails Calling a6xx_destroy() before adreno_gpu_init() leads to a null pointer dereference on: msm_gpu_cleanup() : platform_set_drvdata(gpu->pdev, NULL); as...

7.1 AI Score

0.0004 EPSS

2024-06-21 11:15 AM
cve

CVE-2023-29412

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when manipulating internal methods through Java RMI...

9.8 CVSS

9.9 AI Score

0.002 EPSS

2023-04-18 09:15 PM
57
2
cvelist

CVE-2024-26636 llc: make llc_ui_sendmsg() more robust against bonding changes

In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] Like some others,...

7.5 AI Score

0.0004 EPSS

2024-03-18 10:14 AM
vulnrichment

CVE-2024-26636 llc: make llc_ui_sendmsg() more robust against bonding changes

In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] Like some others,...

6.7 AI Score

0.0004 EPSS

2024-03-18 10:14 AM
wired

US Bans Kaspersky Software

Using a Trump-era authority, the US Commerce Department has banned the sale of Kaspersky’s antivirus tools to new customers in the US, citing alleged threats to national...

7.2 AI Score

2024-06-20 08:15 PM
1
nessus

IBM Installed Software Enumeration

It was possible to enumerate installed IBM software on the remote...

1.1 AI Score

2014-08-06 12:00 AM
14
ibm

Security Bulletin: A vulnerability in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details ** CVEID: CVE-2023-30441 DESCRIPTION: **IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0...

7.5 CVSS

5.8 AI Score

0.002 EPSS

2024-04-30 04:44 PM
28
nessus

AI/LLM Software Report

This plugin utilizes various Nessus detection methods and reports software identified by Nessus and known to utilize "Artificial Intelligence" (AI) and Large Language Model (LLM) technology. Note that this plugin uses several detection methods. The products reported by this plugin will grow as...

7.3 AI Score

2024-05-29 12:00 AM
cisco

Cisco Firepower Management Center Software Object Group Access Control List Bypass Vulnerability

A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software....

7.3 AI Score

0.0004 EPSS

2024-05-22 04:00 PM
3
ibm

Security Bulletin: A vulnerability in Apache Struts affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in Apache Struts affects the product's management GUI. The Command Line Interface is unaffected (CVE-2023-50164). This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-50164 DESCRIPTION: **Apache Struts could...

9.8 CVSS

9.8 AI Score

0.09 EPSS

2024-05-01 09:28 AM
10
ibm

Security Bulletin: Multiple Vulnerabilities in IBM SDK Java affect IBM Cloud Pak System

Summary Multiple vulnerabilities found in IBM Java SDK reported in the IBM Java SDK CPU update October 2022 affect OS Image shipped with Cloud Pak System. Vulnerability Details ** CVEID: CVE-2022-21628 DESCRIPTION: **Java SE is vulnerable to a denial of service, caused by a flaw in the...

5.3 CVSS

5.7 AI Score

0.002 EPSS

2024-04-29 10:37 AM
18
cve

CVE-2021-43225

Bot Framework SDK Remote Code Execution...

9.8 CVSS

9.6 AI Score

0.028 EPSS

2021-12-15 03:15 PM
57
cisco

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with...

7.4 AI Score

0.0004 EPSS

2024-04-24 04:00 PM
16
cve

CVE-2023-21725

Windows Malicious Software Removal Tool Elevation of Privilege...

6.3 CVSS

6.6 AI Score

0.0004 EPSS

2023-01-10 10:15 PM
170
veeam

How to Merge Veeam Data Platform Licenses

How to Merge Veeam Data Platform...

7.1 AI Score

2020-02-25 12:00 AM
10
nessus

Oracle Installed Software Enumeration (Windows)

It was possible to enumerate installed Oracle software on the remote Windows...

1.8 AI Score

2013-12-27 12:00 AM
21
veeam

Linux Hardened Repository Unable to Update Immutability or Remove Restore Points due to SGID

Due to the SGID bit, all files created within this directory inherit the directory's group ownership. This conflicts with the verification routine in VBR that ensures the .veeam.lock file belongs to the root user and root...

7.1 AI Score

2024-06-21 12:00 AM
veeam

Unexpected Increase in Exchange Incremental Data Processed By Veeam Backup for Microsoft 365

Veeam Backup for Microsoft 365 backup jobs protecting exchange data had a sudden and substantial increase in the amount of change data being detected and processed during incremental job...

7.1 AI Score

2023-08-18 12:00 AM
36
debiancve

CVE-2023-52775

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. The benchmark has a low probability of reporting a strange error as shown below. "Error: Protocol...

6.7 AI Score

0.0004 EPSS

2024-05-21 04:15 PM
2
veeam

Release Information for NEC Storage V Series Plug-In for Veeam Backup & Replication

Release Information for NEC Storage V Series Plug-In for Veeam Backup &...

2.1 AI Score

2022-06-27 12:00 AM
9
veeam

Increase in API Calls when Performing Direct Backups to Immutable Object Storage

This situation is caused by the way in which backup file immutability is maintained when using Immutable Object Storage as a primary backup destination. Block Generations are used to extend the immutability of groups of backup files in periodic...

7 AI Score

2023-07-11 12:00 AM
10
cisco

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition...

7.4 AI Score

0.002 EPSS

2024-04-24 04:00 PM
24
veeam

Veeam Data Cloud Release Information and Build Numbers

Veeam Data Cloud Release Information and Build...

7.1 AI Score

2024-03-07 12:00 AM
1
veeam

Veeam Backup & Replication Upgrade Paths

Veeam Backup & Replication Upgrade...

1.8 AI Score

2015-07-10 12:00 AM
3
veeam

Validator CLI Tool Fails to Process VMs in Per-machine backup with separate metadata files

Due to a known issue, the Veeam Backup Validator cannot identify the individual child backup IDs of a backup chain in the Per-machine backup with separate metadata files...

6.8 AI Score

2023-09-08 12:00 AM
4
veeam

My Account Portal - Role Management FAQ

Only the License Administrator and designated Case Administrators can submit support cases. Please be sure to verify your License Administrator and define valid Case Administrators for your Veeam...

2.5 AI Score

2016-12-28 12:00 AM
6
veeam

Release History for Veeam Service Provider Console 8

Release History for Veeam Service Provider Console...

7.2 AI Score

2023-12-05 12:00 AM
4
veeam

How to Forcibly Stop Stuck Jobs

Occasionally, jobs can get stuck or appear to be hung. Such jobs may need to be stopped...

6.9 AI Score

2013-03-01 12:00 AM
7
veeam

Shared Server Compatibility of Veeam Backup for Microsoft 365 and Veeam Backup & Replication

Veeam Support Knowledge Base answer to: Shared Server Compatibility of Veeam Backup for Microsoft 365 and Veeam Backup &...

2.5 AI Score

2022-08-10 12:00 AM
6
veeam

Troubleshooting Signature-Based Firewalls

Troubleshooting-Signature-Based-Firewalls...

1.9 AI Score

2016-07-12 12:00 AM
9
veeam

Error "Unable to communicate with the remote host, since it is disconnected." with replication or restore

Host Disconnected errors when restoring or replicating VMs to a new...

2.2 AI Score

2014-04-21 12:00 AM
6
cisco

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary...

7.5 AI Score

0.001 EPSS

2024-04-24 04:00 PM
23
veeam

Considerations and Limitation - Live Resizing VHDX Disk

Live resizing of Hyper-V VHDX disks does not flush metadata information, causing issue with jobs. This article documents post-resize actions that must be taken to ensure Veeam can continue to protect the...

7 AI Score

2018-02-26 12:00 AM
7
cve

CVE-2023-35625

Azure Machine Learning Compute Instance for SDK Users Information Disclosure...

4.7 CVSS

5.4 AI Score

0.001 EPSS

2023-12-12 06:15 PM
23
githubexploit

Exploit for Code Injection in Cisco Adaptive Security Appliance Software

CVE-2024-20359-CiscoASA-FTD-exploit Exploit for Cisco ASA and...

6 CVSS

7.5 AI Score

0.001 EPSS

2024-05-04 10:40 AM
197
veeam

Application Migration - Best Practices and Prerequisites

This article explains the prerequisites and best practices that must be considered for successful import during application...

7.1 AI Score

2024-06-14 12:00 AM
Total number of security vulnerabilities: 624176