In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 ("RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces"), if the IPoIB device is moved to non-initial netns, destroying that netns lets the....
6.4AI Score
0.0004EPSS
GeniXCMS SQL injection vulnerability
SQL injection vulnerability in inc/lib/Control/Backend/posts.control.php in GeniXCMS 0.0.8 allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter to...
7.2CVSS
8.3AI Score
0.002EPSS
An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
7.8CVSS
7.2AI Score
0.0005EPSS
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected...
6.1CVSS
6.6AI Score
0.0004EPSS
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input validation in certain fields used in the Radius parsing functionality of our IDS, allows an unauthenticated attacker sending specially crafted malformed network packets to cause the IDS module to stop...
7.5CVSS
7.5AI Score
0.0004EPSS
HP Advance Mobile Applications for iOS and Android are potentially vulnerable to information disclosure when using an outdated version of the application via mobile...
6AI Score
0.0004EPSS
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
7.8CVSS
7.2AI Score
0.0005EPSS
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network...
7.5CVSS
7.7AI Score
0.001EPSS
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
7.8CVSS
7.2AI Score
0.0005EPSS
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order...
7.8CVSS
7.2AI Score
0.0005EPSS
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siteorigin_widget' shortcode in all versions up to, and including, 2.29.15 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
6.4CVSS
5.9AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operation for timewait...
6.7AI Score
0.0004EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:.....
7.2CVSS
7.2AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() with nice analysis. Since commit ec94c2696f0b ("tcp/dccp: avoid one atomic operation for timewait...
7AI Score
0.0004EPSS
The remote host is running a protocol used for building automation and control...
1.5AI Score
Cisco TelePresence Management Suite Simple Object Access Protocol Vulnerability
A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to a lack of proper access and authentication controls on...
5.3CVSS
5.7AI Score
0.001EPSS
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0. If this vulnerability is exploited, unintended data may be left in forwarded...
6.4AI Score
0.0004EPSS
A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
4.7CVSS
6.5AI Score
0.0005EPSS
Unrestricted Upload of File with Dangerous Type vulnerability in JumpDEMAND Inc. ActiveDEMAND allows Using Malicious Files.This issue affects ActiveDEMAND: from n/a through...
10CVSS
9.6AI Score
0.0004EPSS
Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script on the web browser of the user who is logging in to the...
6.4AI Score
0.0004EPSS
Barracuda Networks Launches Bug Bounty Program for Security Products
Barracuda Networks announced on Tuesday that it will pay over $3,100 to anyone who can hack into its security products. This bug bounty program is the first of its kind from a pure-play security vendor. “This initiative reflects our commitment to our customers and the security community at large,”....
7.8AI Score
[SECURITY] Fedora 40 Update: libcoap-4.3.4a-2.fc40
The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Inter net of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. libcoap...
6.5AI Score
0.0004EPSS
[SECURITY] Fedora 39 Update: libcoap-4.3.4a-2.fc39
The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Inter net of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. libcoap...
6.5AI Score
0.0004EPSS
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product may obtain information on the list of...
6.6AI Score
0.0004EPSS
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user who can log in to the product to view the data of...
6.4AI Score
0.0004EPSS
Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, processing a crafted mail may cause a denial-of-service (DoS)...
6.7AI Score
0.0004EPSS
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared...
6.8AI Score
0.0004EPSS
An update is available for libreswan. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the...
7.4AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GhozyLab, Inc. Popup Builder allows Stored XSS.This issue affects Popup Builder: from n/a through...
5.9CVSS
6.1AI Score
0.0004EPSS
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
7.8CVSS
7.2AI Score
0.0005EPSS
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the...
6.1CVSS
7AI Score
0.0005EPSS
A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when EVPN is...
7.5CVSS
6.7AI Score
0.0005EPSS
RHEL 7 : perl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl: segmentation fault in S_regmatch on negative backreference (CVE-2013-7422) perl: XSLoader loads...
7.8CVSS
8AI Score
0.035EPSS
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon (fibtd) to crash, leading to a limited Denial of...
5.3CVSS
6.4AI Score
0.0005EPSS
Moxa MXsecurity Series Detection
The Moxa MXsecurity Series, an industrial network security management software designed for OT networks, is running on the remote...
7.1AI Score
Schneider Electric C-Gate Detection
The Schneider Electric C-Gate, an application to control and monitor C-Bus networks, is running on the remote...
1.3AI Score
Improper handling of extra values issue exists in Cybozu Garoon 5.0.0 to 5.15.2. If this vulnerability is exploited, a user who can log in to the product with the administrative privilege may be able to cause a denial-of-service (DoS)...
6.8AI Score
0.0004EPSS
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote authenticated attacker to alter and/or obtain the data of...
6.6AI Score
0.0004EPSS
Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential...
7.8AI Score
0.0004EPSS
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. Download Manager allows Functionality Bypass.This issue affects Download Manager: from n/a through...
5.3CVSS
5.2AI Score
0.0004EPSS
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When telemetry requests are sent to the...
5.9CVSS
6.8AI Score
0.0005EPSS
An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when LLDP.....
6.5CVSS
6.8AI Score
0.001EPSS
Memcyco Report: Just 6% of Brands Guard Against Digital Impersonation Fraud
By Waqas Memcyco Inc., a provider of digital trust technology designed to protect companies and their customers from digital impersonation… This is a post from HackRead.com Read the original post: Memcyco Report: Just 6% of Brands Guard Against Digital Impersonation...
7.3AI Score
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system. On all Junos OS and Junos OS Evolved platforms, when NETCONF traceoptions are configured, and a super-user...
5CVSS
6.3AI Score
0.0004EPSS
An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If a BGP update is received over an established BGP...
7.5CVSS
6.8AI Score
0.0004EPSS
Exploit for Insufficient Verification of Data Authenticity in Postfix
CVE-2023-51764 Postfix SMTP Smuggling - Expect Script POC...
5.3CVSS
5.3AI Score
0.003EPSS
CVE-2024-30401 Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman
An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC....
5.9CVSS
6.1AI Score
0.0005EPSS
9.3CVSS
7AI Score
0.001EPSS
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon (fibtd) to crash, leading to a limited Denial of...
5.3CVSS
5.2AI Score
0.0005EPSS
Potential vulnerabilities have been identified in the system BIOS for certain HP PC products which may allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential...
7.7AI Score
0.0004EPSS