Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2023-45288, CVE-2024-25031, CVE-2024-38322, CVE-2024-33883. Vulnerability Details ** CVEID: CVE-2023-45288 ...
6.5CVSS
7.5AI Score
0.0004EPSS
CVE-2021-38314 Python Exploit Detail The Gutenberg...
5.3CVSS
5.5AI Score
0.002EPSS
Security Bulletin: IBM MQ is vulnerable to a denial of service attack (CVE-2024-35116)
Summary IBM MQ has addressed a denial of service vulnerability. Vulnerability Details CVEID: CVE-2024-35116 DESCRIPTION: IBM MQ is vulnerable to a denial of service attack caused by an error applying configuration changes. CVSS Base score: 5.9 CVSS Temporal Score: See: ...
5.9CVSS
6.1AI Score
0.0005EPSS
Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requests
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been...
7.2AI Score
0.0004EPSS
Summary IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables. Vulnerability Details ** CVEID: CVE-2023-29267 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as a trap...
5.3CVSS
6.7AI Score
0.0004EPSS
A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software....
5.8CVSS
7.2AI Score
0.0004EPSS
7.1AI Score
7.1AI Score
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 8.0 . This advisory also provides guidance on what developers can do to update their...
7.5CVSS
7.5AI Score
0.0005EPSS
Exploit for Out-of-bounds Write in Live2D Cubism Editor
MOC3ingbird DoS 日本語版:README_JA.md This...
8.4AI Score
Summary Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issue. Vulnerability Details ** CVEID: CVE-2024-25026 DESCRIPTION: **IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty...
7.5CVSS
7.5AI Score
0.0004EPSS
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their...
6.5CVSS
6AI Score
0.001EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034-CTF-writeup This is a CTF pwn challenge that I...
7.8CVSS
8.6AI Score
0.001EPSS
ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations
The Zend\Db component in Zend Framework 2 provides platform abstraction, which is used in particular for SQL abstraction. Two methods defined in the platform interface, quoteValue() and quoteValueList(), allow users to manually quote values for creating SQL statements; these are in turn consumed...
7.7AI Score
A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense (FTD) Software....
5.8CVSS
5.8AI Score
0.0004EPSS
Takes in a ip list and you...
8.6CVSS
6.2AI Score
0.945EPSS
CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN...
8.6CVSS
6.3AI Score
0.945EPSS
Exploit for Use After Free in Microsoft
POC Recreating CVE 2023-36802 Microsoft Streaming...
7.8CVSS
8.6AI Score
0.001EPSS
Security Bulletin: IBM DataPower Gateway is vulnerable to denial of service due to Golang Go
Summary IBM DataPower Gateway is vulnerable to denial of service due to use of Golang Go in DataPower Operator and Prometheus Metrics . (CVE-2024-24783) Vulnerability Details ** CVEID: CVE-2024-24783 DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in the...
7AI Score
0.0004EPSS
7.1AI Score
Denial of Service (DoS) attack possibility in TYPO3 component Indexed Search
Due to an oversized maximum result limit, TYPO3 component Indexed Search is susceptible to a Denial of Service...
7AI Score
CVE-2024-24919-Sniper ![CVE-2024-24919 Sniper...
8.6CVSS
6.2AI Score
0.945EPSS
Denial of service of Minder Server with attacker-controlled REST endpoint in...
5.3CVSS
6.5AI Score
0.0004EPSS
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 and .NET 8.0 RC2. This advisory also provides guidance on what developers can do.....
9.8CVSS
6.7AI Score
0.001EPSS
ZendFramework Potential Information Disclosure and Insufficient Entropy vulnerabilities
In Zend Framework 2, the Zend\Math\Rand component generates random bytes using the OpenSSL or Mcrypt extensions when available but will otherwise use PHP's mt_rand() function as a fallback. All outputs from mt_rand() are predictable for the same PHP process if an attacker can brute force the seed.....
7.3AI Score
Summary Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable issue. Vulnerability Details ** CVEID: CVE-2024-22353 DESCRIPTION: **IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is...
7.5CVSS
7.5AI Score
0.0004EPSS
Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their...
5.9CVSS
6AI Score
0.0004EPSS
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through...
6.5CVSS
6.5AI Score
0.0004EPSS
7.1AI Score
7.1AI Score
Malicious code in pipcryptographylibraryv2 (PyPI)
-= Per source details. Do not edit below this...
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
Important: ipa security update
AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): freeipa: delegation rules allow a proxy service to impersonate any user to access another target...
8.1CVSS
6.9AI Score
0.0005EPSS
Important: idm:DL1 security update
AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access...
8.1CVSS
6.8AI Score
0.0005EPSS
Summary Vulnerabilities in Curl could allow a remote attacker to bypass security restrictions (CVE-2024-2466, CVE-2024-2004, CVE-2024-2379) or cause a denial of service (CVE-2024-2398). PowerSC uses Curl as part of PowerSC Trusted Network Connect (TNC). Vulnerability Details ** CVEID:...
7.5AI Score
0.0004EPSS
libfrr.so is vulnerable to Denial Of Service (DoS). The vulnerability is due to insufficient handling of NULL return values when calling functions in the get_edge() function within ospf_te.c in the OSPF daemon, resulting in a crash of the daemon and subsequent denial of...
7AI Score
0.0004EPSS
A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected...
5.8CVSS
6.9AI Score
0.0004EPSS
7.1AI Score
7.1AI Score
Man-in-the-middle attacker can compromise integrity of secure channel in golang.org/x/crypto
A protocol weakness allows a MITM attacker to compromise the integrity of the secure channel before it is established, allowing the attacker to prevent transmission of a number of messages immediately after the secure channel is established without either side being aware. The impact of this...
5.9CVSS
7AI Score
0.963EPSS
Denial of Service Vulnerability in Rustls Library
Summary rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input. Details Verified at 0.22 and 0.23 rustls, but 0.21 and 0.20 release lines are also affected. tokio-rustls and rustls-ffi do not call complete_io and are not affected. rustls::Stream and...
7.5CVSS
7.3AI Score
0.0004EPSS
Denial of Service Vulnerability in Rustls Library
Summary rustls::ConnectionCommon::complete_io could fall into an infinite loop based on network input. Details Verified at 0.22 and 0.23 rustls, but 0.21 and 0.20 release lines are also affected. tokio-rustls and rustls-ffi do not call complete_io and are not affected. rustls::Stream and...
7.5CVSS
7.3AI Score
0.0004EPSS
Mattermost Desktop App Remote Code Execution
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...
4.7CVSS
7AI Score
0.0004EPSS
CVE_2024_24919 Vulnerability Scanner This Java tool scans a...
8.6CVSS
6.1AI Score
0.945EPSS
CVE_2024_24919 Vulnerability Scanner This Java tool scans a...
8.6CVSS
6.1AI Score
0.945EPSS
Nextcloud server is an open source personal cloud implementation. Missing brute-force protection on the WebDAV endpoints via the basic auth header allowed to brute-force user credentials when the provided user name was not an email address. Users from version 24.0.0 onward are affected. This issue....
8.1CVSS
7AI Score
0.001EPSS
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their...
6.5CVSS
6.5AI Score
0.001EPSS