AVEVA Software, LLC. Security Vulnerabilities

ibm

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary: QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details ...

8.7CVSS

9.7AI Score

0.008EPSS

2024-05-03 10:32 AM
6
githubexploit

Exploit for Uncontrolled Resource Consumption in Quic-Go Project Quic-Go

QUIC-attacks (CVE-2022-30591) The current repository serves...

7.5AI Score

2022-06-30 06:25 PM
439
veeam

Build Numbers and Versions of Veeam Agent for IBM AIX

This KB article lists all versions of Veeam Agent for IBM AIX and their respective build...

3.1AI Score

2022-09-22 12:00 AM
7
veeam

List of Security Fixes and Improvements in Veeam Agent for Microsoft Windows

This article describes all security-related fixes and improvements introduced in each release or update of Veeam Agent for Microsoft...

2.2AI Score

2020-03-02 12:00 AM
5
cvelist

CVE-2020-3259 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential.....

7.5CVSS

7.7AI Score

0.027EPSS

2020-05-06 12:00 AM
githubexploit

Exploit for Improper Control of Interaction Frequency in Asus Gt-Axe11000 Firmware

easy-exploits The current repository contains exploits of...

7AI Score

2022-05-27 09:09 PM
5
cvelist

CVE-2023-6173 SQLi in TeoSOFT Software TeoBASE

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeoSOFT Software TeoBASE allows SQL Injection. This issue affects TeoBASE: through 27032024. NOTE: The vendor was contacted early about this disclosure but did not respond in any...

9.8CVSS

9.9AI Score

0.001EPSS

2024-03-27 12:05 PM
githubexploit

Exploit for CVE-2024-25600

10CVSS

7.4AI Score

0.001EPSS

2024-02-29 08:53 PM
51
vulnrichment

CVE-2020-3259 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential.....

7.5CVSS

7.1AI Score

0.027EPSS

2020-05-06 12:00 AM
githubexploit

Exploit for Off-by-one Error in F5 Nginx

CVE-2021-23017-PoC pip install -r requirements.txt...

7.7CVSS

8.1AI Score

0.52EPSS

2022-06-30 04:39 AM
984
nessus

Malicious File Detection: Potentially Unwanted Software

The md5sum of one or more files on the remote Windows host matches software known to violate some corporate policies. Verify that the remote files are authorized in your...

2.4AI Score

2016-04-11 12:00 AM
7
ibm

Security Bulletin: IBM QRadar Suite software is vulnerable to injection attacks

Summary: IBM QRadar Suite software is vulnerable to injection attacks through dashboard parameters. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version....

4.3CVSS

7AI Score

0.0004EPSS

2024-05-01 01:12 PM
9
cve

CVE-2023-52843

In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llc_rcv on a tun device. Tun can insert packets without mac len...

6.5AI Score

0.0004EPSS

2024-05-21 04:15 PM
27
nessus

Apple Boot Camp Support Software Installed

The remote Windows host has an install of Apple's Boot Camp Support Software. Apple Boot Camp is a utility included on Mac OS X computers to assist with virtualizing various Windows operating systems, and Boot Camp Support Software provides associated drivers for...

3.4AI Score

2014-02-20 12:00 AM
18
nessus

Malicious Process Detection: Potentially Unwanted Software

The md5sum of one or more running processes on the remote Windows host matches software known to violate some corporate policies. Verify that the remote processes are authorized in your...

2.4AI Score

2012-06-21 12:00 AM
11
nessus

IBM Netezza Platform Software Detection (Linux)

Support software for IBM Netezza, an enterprise data warehousing suite, is installed on the remote Linux...

1.2AI Score

2018-02-09 12:00 AM
11
osv

CVE-2023-25826

Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was...

9.8CVSS

9.9AI Score

0.962EPSS

2023-05-03 07:15 PM
2
nessus

Python Software Foundation Python Installed (Windows)

Python, a tool to locally create and run applications in the Python programming language, is installed on the remote Windows...

1.1AI Score

2020-07-31 12:00 AM
18
nessus

Malicious Process Detection: APT1 Software Running

The md5sum of one or more running processes on the remote Windows host matches the signature distributed by Mandiant of software known to be involved in corporate cyber espionage by a unit called APT1. Verify that the remote processes are legitimate and authorized in your...

2.4AI Score

2013-02-19 12:00 AM
10
cvelist

CVE-2024-28782 IBM QRadar Suite Software information disclosure

IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: ...

6.3CVSS

6.1AI Score

0.0004EPSS

2024-04-03 12:00 PM
cvelist

CVE-2023-6153 Authentication Bypass in TeoSOFT Software TeoBASE

Authentication Bypass by Primary Weakness vulnerability in TeoSOFT Software TeoBASE allows Authentication Bypass. This issue affects TeoBASE: through 20240327. NOTE: The vendor was contacted early about this disclosure but did not respond in any...

9.8CVSS

9.6AI Score

0.001EPSS

2024-03-27 12:09 PM
hp

HP Software Packages (SoftPaqs) – Potential Escalation of Privilege

Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages (SoftPaqs). HP has provided updated software packages (SoftPaqs) available from our...

8AI Score

0.0004EPSS

2024-04-25 12:00 AM
12
githubexploit

Exploit for Path Traversal in Sysaid Sysaid On-Premises

Vulnerability Details fofa: ...

9.8CVSS

9.6AI Score

0.935EPSS

2023-11-17 07:03 AM
313
cvelist

CVE-2024-4538 IDOR vulnerability in Janto Ticketing Software

IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could allow a remote user to obtain a user's event ticket by creating a specific request with the ticket reference ID, leading to the exposure of sensitive user...

7.5CVSS

7.6AI Score

0.0004EPSS

2024-05-07 11:35 AM
veeam

Quantum DXi Storage With Firmware 3.x Does Not Work with Veeam Backup & Replication 12

Veeam Backup & Replication cannot connect to the Quantum DXi storage because a secured TLS communication channel cannot be created. Starting in Veeam Backup & Replication 12, communication with deduplicating storage appliances is secured using a TLS connection. In order to create such a TLS...

1.7AI Score

2023-03-17 12:00 AM
7
veeam

Backup job reports Unfreeze Error (Over VIX)

Backup job returns an error: Unfreeze error (over VIX): [Backup job failed.] Running vssadmin list writers command may result in: Non-Retryable error for Volume Shadow Copy Service (VSS) of the...

2.8AI Score

2013-07-08 12:00 AM
6
cvelist

CVE-2024-4537 IDOR vulnerability in Janto Ticketing Software

IDOR vulnerability in Janto Ticketing Software affecting version 4.3r10. This vulnerability could allow a remote user to obtain the download URL of another user to obtain the purchased...

7.5CVSS

7.6AI Score

0.0004EPSS

2024-05-07 11:35 AM
cvelist

CVE-2023-47727 IBM QRadar Suite Software file manipulation

IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: ...

4.3CVSS

4.6AI Score

0.0004EPSS

2024-05-02 02:43 PM
1
nessus

RHEL 8 : gnome-software and fwupd (RHSA-2020:4436)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4436 advisory. The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The...

6CVSS

6.6AI Score

0.0005EPSS

2020-11-04 12:00 AM
14
nuclei

Honeywell PM43 Printers - Command Injection

Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection. This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g....

9.9CVSS

9.8AI Score

0.71EPSS

2023-10-15 01:57 PM
4
oraclelinux

perl:5.32 security update

perl-Algorithm-Diff perl-Archive-Tar perl-Archive-Zip perl-autodie perl-bignum perl-Carp perl-Compress-Bzip2 perl-Compress-Raw-Bzip2 perl-Compress-Raw-Lzma perl-Compress-Raw-Zlib [2.096-2] - Fix test broken by update in zlib on s390x - Related: RHEL-16371 perl-Config-Perl-V perl-constant...

7.8CVSS

6.8AI Score

0.0004EPSS

2024-05-24 12:00 AM
16
osv

CVE-2022-40755

JasPer 3.0.6 allows denial of service via a reachable assertion in the function inttobits in...

5.5CVSS

9.1AI Score

0.001EPSS

2022-09-16 10:15 PM
1
hackread

Essential Features of Cybersecurity Management Software for MSPs

By Uzair Amir Protect your clients' businesses from cyber threats with Cybersecurity Management Software. Explore the unified control panel, real-time threat… This is a post from HackRead.com Read the original post: Essential Features of Cybersecurity Management Software for...

7.3AI Score

2024-05-27 12:42 PM
4
tibco

TIBCO Security Advisory: June 11, 2024 - TIBCO EBX - CVE-2024-4576

TIBCO EBX File Inclusion Vulnerability Original release date: June 11, 2024 Last revised: June 12, 2024 CVE-2024-4576 Source: TIBCO Software Inc. Products Affected TIBCO EBX versions 5.9.25 and below TIBCO EBX versions 6.1.3 HF2 and below Component affected: EBX Add-ons Description The...

6.9AI Score

0.0004EPSS

2024-06-11 04:55 PM
1
osv

CVE-2022-24373

The package react-native-reanimated before 3.0.0-rc.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper usage of regular expression in the parser of...

7.5CVSS

7.5AI Score

0.002EPSS

2022-09-30 05:15 AM
5
osv

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to copy data from incoming message to struct f_teid without...

7.5CVSS

6.8AI Score

0.001EPSS

2022-09-16 07:15 PM
1
veeam

Console Error - Failed to connect to Veeam Backup & Replication Server

Console Error - Failed to connect to Veeam Backup & Replication...

1.9AI Score

2016-04-21 12:00 AM
4
veeam

Using Object Storage with Veeam Products

Support for S3 and S3-compatible, versioning is not required unless using object lock. With Azure Blob versioning, soft-delete, change feed, point in time restore, and immutability are not...

2.7AI Score

2021-11-18 12:00 AM
8
osv

MunkiReport Software Update module is vulnerable to SQL injection

A SQL injection vulnerability in softwareupdate_controller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/get_tab_data/...

8.8CVSS

8.6AI Score

0.001EPSS

2022-05-24 05:24 PM
2
nvd

CVE-2024-23504

Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables. This issue affects Ninja Tables: from n/a through...

5.3CVSS

0.0004EPSS

2024-06-14 06:15 AM
5
nuclei

OpenCms 14 & 15 - Open Redirect

Open redirect vulnerability has been found in the Open CMS product affecting versions 14 and 15 of the 'Mercury'...

6.1CVSS

6.3AI Score

0.01EPSS

2023-12-06 06:11 AM
31
nessus

Cisco UCS Central Software Web UI Detection

The web user interface for Cisco Unified Computing System (UCS) Central Software, an infrastructure management system, was detected on the remote...

1.6AI Score

2016-08-25 12:00 AM
7
githubexploit

Exploit for CVE-2024-27697

FuguHub 8.4 Authenticated RCE Fuguhub is a Cloud Media...

8.8AI Score

EPSS

2024-03-09 10:24 PM
23
cve

CVE-2024-26635

In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the bug. write$tun(r0,...

5.8AI Score

0.0004EPSS

2024-03-18 11:15 AM
48
cve

CVE-2024-23503

Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables. This issue affects Ninja Tables: from n/a through...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-06-11 04:15 PM
35
github

MunkiReport Software Update module is vulnerable to SQL injection

A SQL injection vulnerability in softwareupdate_controller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/get_tab_data/...

8.8CVSS

8.6AI Score

0.001EPSS

2022-05-24 05:24 PM
9
cvelist

CVE-2024-5176 Vulnerability in Welch Allyn Configuration Tool Software

Insufficiently Protected Credentials vulnerability in Baxter Welch Allyn Configuration Tool may allow Remote Services with Stolen Credentials. This issue affects Welch Allyn Configuration Tool: versions 1.9.4.1 and...

6.7AI Score

0.0004EPSS

2024-05-31 05:26 PM
1
atlassian

XSRF Security Token Missing when clicking on Contact an administrator

Summary: Clicking on the "Contact an administrator to perform this action." results in XSRF Security Token Missing. Tested with: Chrome Version 54.0.2840.59 (64-bit); Firefox 49.0. Steps to Reproduce: Configure Outgoing Mail; Enable Contact Administrators Form from General...

0.2AI Score

2016-10-25 07:44 AM
11
osv

CVE-2023-25828

Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization...

7.2CVSS

8AI Score

0.001EPSS

2023-03-27 05:15 PM
2
nessus

Malicious File Detection: APT1 Software on System

The md5sum of one or more files on the remote Windows host matches the signature distributed by Mandiant of software known to be involved in corporate espionage by a unit called APT1. Verify that the remote files are legitimate and authorized in your...

2.1AI Score

2016-04-11 12:00 AM
13
Total number of security vulnerabilities: 622541