CVE-2021-47342 ext4: fix possible UAF when remounting r/o a mmp-protected file system
In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread...
6.8AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4jCenter Exploiting CVE-2021-44228 in vCenter for remote...
9.2AI Score
Amcrest IP Camera Web Management - Data Exposure
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative...
9.8CVSS
9.6AI Score
0.934EPSS
CVE-2024-29269 An issue discovered in Telesquare TLR-2005Ksh...
7AI Score
0.001EPSS
(RHSA-2024:3422) Important: linux-firmware security update
The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): linux-firmware: hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635) linux-firmware: hw: intel: Improper access control for...
7AI Score
0.0004EPSS
org.eclipse.jgit is vulnerable to Arbitrary File Overwrite. The vulnerability is due to a symbolic link present in a specially crafted git repository which can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem...
8.8CVSS
6.8AI Score
0.001EPSS
CrushFTP VFS - Sandbox Escape LFR
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS...
10CVSS
9.2AI Score
0.966EPSS
An issue was discovered in the CampaignEvents extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:EventDetails page allows XSS via the x-xss language setting for internationalization...
5.4CVSS
5.3AI Score
0.0004EPSS
Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local...
6CVSS
6AI Score
0.0004EPSS
Summary There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT) / DevOps Test UI. RFT has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2024-21085 DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM...
3.7CVSS
7.2AI Score
0.001EPSS
Exploit for Inadequate Encryption Strength in Alpha-Innotec Heat Pumps Firmware
CVE-2024-22894 Downloaded the latest heatpump firmware...
6.8CVSS
7AI Score
0.001EPSS
Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local...
6.4CVSS
6.3AI Score
0.0004EPSS
Exploit for Untrusted Pointer Dereference in Microsoft
CVE-2023-21768 Local Privilege Escalation POC authors:...
7.8CVSS
8.2AI Score
0.003EPSS
CVE-2024-24919-Sniper ![CVE-2024-24919 Sniper...
8.6CVSS
6.2AI Score
0.945EPSS
Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local...
6CVSS
4.7AI Score
0.0004EPSS
Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local...
2.8CVSS
5AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: qt5-qtwebsockets-5.15.14-1.fc40
The QtWebSockets module implements the WebSocket protocol as specified in R FC 6455. It solely depends on Qt (no external...
6.5AI Score
0.0004EPSS
A Header Injection vulnerability in the JFrog platform in versions below 7.85.0 (SaaS) and 7.84.7 (Self-Hosted) may allow threat actors to take over the end user's account when clicking on a specially crafted URL sent to the victim’s user...
6.4CVSS
7.1AI Score
0.0004EPSS
Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting
Open-School 3.0, and Community Edition 2.3, allows cross-site scripting via the osv/index.php?r=students/guardians/create id...
6.1CVSS
6AI Score
0.004EPSS
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging...
7.5CVSS
7.2AI Score
0.0005EPSS
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local...
7.9CVSS
7.8AI Score
0.0004EPSS
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
6.5CVSS
6.6AI Score
0.001EPSS
An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are...
4.3CVSS
7.2AI Score
0.0004EPSS
Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local...
4.7CVSS
5.7AI Score
0.0004EPSS
An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and...
5.3CVSS
7.2AI Score
0.0005EPSS
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running (e.g.,...
5.3CVSS
7.2AI Score
0.0005EPSS
An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportsteamsmanager user right, and thus an attacker may...
5.3CVSS
7AI Score
0.0005EPSS
Uncontrolled resource consumption in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a priviledged user to potentially enable denial of service via local...
4.4CVSS
6.8AI Score
0.0004EPSS
Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local access. Bugs https://bugzilla.redhat.com/show_bug.cgi?id=2278989...
6.4CVSS
6.4AI Score
0.0004EPSS
An issue was discovered in the Cargo extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:Drilldown page allows XSS via artist, album, and position parameters because of applied filter values in...
6.1CVSS
6AI Score
0.0005EPSS
An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via...
6.1CVSS
6.2AI Score
0.0005EPSS
pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if __parse_content_stream is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request #969 and...
6.2CVSS
7AI Score
0.0004EPSS
In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the...
7.5CVSS
7.3AI Score
0.002EPSS
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many.....
7.5CVSS
6.9AI Score
0.003EPSS
An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via message definitions. e.g., in...
5.4CVSS
5.3AI Score
0.0004EPSS
An issue was discovered in the PageTriage extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via the rev-deleted-user, pagetriage-tags-quickfilter-label, pagetriage-triage, pagetriage-filter-date-range-format-placeholder,...
5.4CVSS
5.3AI Score
0.0004EPSS
Tornado has a CRLF injection in CurlAsyncHTTPClient headers
Summary Tornado’s curl_httpclient.CurlAsyncHTTPClient class is vulnerable to CRLF (carriage return/line feed) injection in the request headers. Details When an HTTP request is sent using CurlAsyncHTTPClient, Tornado does not reject carriage return (\r) or line feed (\n) characters in the request...
7.5AI Score
WAVLINK WN530HG4 - Improper Access Control
WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd] and thereby possibly obtain sensitive information, modify data, and/or execute....
7.5CVSS
7.7AI Score
0.143EPSS
OpenZeppelin Contracts is a library for secure smart contract development. The functions ECDSA.recover and ECDSA.tryRecover are vulnerable to a kind of signature malleability due to accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format. This is only an issue....
7.9CVSS
6.5AI Score
0.001EPSS
Tornado has a CRLF injection in CurlAsyncHTTPClient headers
Summary Tornado’s curl_httpclient.CurlAsyncHTTPClient class is vulnerable to CRLF (carriage return/line feed) injection in the request headers. Details When an HTTP request is sent using CurlAsyncHTTPClient, Tornado does not reject carriage return (\r) or line feed (\n) characters in the request...
7.5AI Score
WAVLINK WN533A8 - Improper Access Control
WAVLINK WN533A8 M33A8.V5030.190716 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);] and thereby possibly obtain sensitive information, modify data, and/or execute.....
7.5CVSS
7.7AI Score
0.143EPSS
[SECURITY] Fedora 40 Update: qt6-qtwebsockets-6.7.1-1.fc40
The QtWebSockets module implements the WebSocket protocol as specified in R FC 6455. It solely depends on Qt (no external...
6.2AI Score
0.0004EPSS
phpShowtime 2.0 - Directory Traversal
A directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to...
6.7AI Score
0.013EPSS
Exploit for Improper Initialization in Linux Linux Kernel
CVE-2022-0847 The Dirty Pipe Vulnerability For educational...
7.8CVSS
8.2AI Score
0.076EPSS
Exploit for Exposure of Resource to Wrong Sphere in Microsoft
Blank Space Blank Space is a refactoring of James Forshaw's...
8.6AI Score
CVE-2024-24919 Exploit CVE Identifier: CVE-2024-24919...
8.6CVSS
6.2AI Score
0.945EPSS
An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and...
6.1CVSS
6.6AI Score
0.001EPSS
An Improper input validation vulnerability that could potentially lead to privilege escalation was discovered in JFrog Artifactory.Due to this vulnerability, users with low privileges may gain administrative access to the system.This issue can also be exploited in Artifactory platforms with...
9CVSS
7AI Score
0.0004EPSS
CrateDB has a Client initialized Session-Renegotiation DoS
Summary Client-Initiated TLS Renegotiation Denial of Service (DoS) Vulnerability at Port 4200 Details A high-risk vulnerability has been identified where the TLS endpoint (port 4200) permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly...
5.3CVSS
6.9AI Score
0.0004EPSS
CrateDB has a Client initialized Session-Renegotiation DoS
Summary Client-Initiated TLS Renegotiation Denial of Service (DoS) Vulnerability at Port 4200 Details A high-risk vulnerability has been identified where the TLS endpoint (port 4200) permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly...
5.3CVSS
6.9AI Score
0.0004EPSS