Important: ipa security update
AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): freeipa: delegation rules allow a proxy service to impersonate any user to access another target...
8.1CVSS
7.2AI Score
0.0005EPSS
Important: idm:DL1 security update
AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access...
8.1CVSS
6.9AI Score
0.0005EPSS
A vulnerability was found in quarkus-core. This vulnerability occurs because the TLS protocol configured with quarkus.http.ssl.protocols is not enforced, and the client can force the selection of the weaker supported TLS...
8.1CVSS
7.9AI Score
0.001EPSS
7.5AI Score
EPSS
Inappropriate implementation in Permission prompts in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to force acceptance of a permission prompt via a crafted HTML page. (Chromium security severity:...
6.5CVSS
5.2AI Score
0.002EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4shell-finder - Fastest file system scanner for log4j...
8AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
Log4jShell_1.x Log4j RCE 1.x Poc Attack...
1.7AI Score
Denial of service in github.com/openfga/openfga
OpenFGA is vulnerable to a denial of service attack when certain Check and ListObjects calls are executed against authorization models that contain circular relationship...
7.5CVSS
6.7AI Score
0.001EPSS
Improper handling of keyspaces in vitess.io/vitess
Users can create a keyspace containing '/'. Future attempts to view keyspaces from some tools (including VTAdmin and "vtctldclient GetKeyspaces") receive an...
4.1CVSS
3.6AI Score
0.001EPSS
CVE-2024-24919 Exploit CVE Identifier: CVE-2024-24919...
8.6CVSS
6.2AI Score
0.945EPSS
golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer
The html package (aka x/net/html) through 2018-09-17 in Go mishandles certain HTML markup, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse...
7.5CVSS
7.3AI Score
0.006EPSS
Denial of service in Open Policy Agent
An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted...
7.5CVSS
4.9AI Score
0.001EPSS
Aimeos denial of service vulnerability in SaaS and marketplace setups
All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service...
7.1AI Score
CVE-2023-52463 efivarfs: force RO when remounting if SetVariable is not supported
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported. If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as RO so no one can...
6.7AI Score
0.0004EPSS
Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from 1.3 through 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the...
8.1CVSS
7AI Score
0.001EPSS
CVE-2024-24919-POC Read about it -...
8.6CVSS
6.5AI Score
0.945EPSS
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are...
6.8AI Score
An issue has been discovered in GitLab EE affecting all versions from 16.7 before 16.9.7, all versions starting from 16.10 before 16.10.5, all versions starting from 16.11 before 16.11.2. An attacker could force a user with an active SAML session to approve an MR via...
5.7CVSS
6AI Score
0.0004EPSS
Exploit for CVE-2024-24919 Description This Python...
8.6CVSS
6.1AI Score
0.945EPSS
CRI-O's pods can break out of resource confinement on cgroupv2 in github.com/cri-o/cri-o
CRI-O's pods can break out of resource confinement on cgroupv2 in...
7.5CVSS
6.7AI Score
0.001EPSS
OpenStack Glance Denial of service by creating a large number of images
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them before the...
6.8AI Score
0.007EPSS
Exploit for Use of Hard-coded Credentials in Dlink Dns-320L Firmware
Unauthenticated RCE Backdoor authentication...
8.2AI Score
Use Of A Broken Or Risky Cryptographic Algorithm
asymmetricrypt/asymmetricrypt is vulnerable to Use Of A Broken Or Risky Cryptographic Algorithm. The vulnerability is due to insecure padding within PKCS v1.5, which allows an attacker to brute force the encrypted...
7AI Score
[4.11.0-15.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] - Add bind to ipa-server-common Requires [Orabug: 36518596] [4.11.0-15] - Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute...
8.1CVSS
6.5AI Score
0.0005EPSS
Regular Expression Denial Of Service (ReDoS)
mathjax is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists due to inefficient regular expression complexity in the components and markdown patterns, which allows an attacker to slow down the application if they can control the input to the MathJax.Message.Set()....
7.5CVSS
6.8AI Score
0.0005EPSS
In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It.....
9.8CVSS
9AI Score
0.003EPSS
In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It.....
9.8CVSS
8.7AI Score
0.003EPSS
In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It.....
7AI Score
0.003EPSS
7.1AI Score
7.1AI Score
Denial of Service in rack-contrib via "profiler_runs" parameter
rack-contrib prior to version 2.5.0 is vulnerable to a Denial of Service via the profiler_runs HTTP request parameter. Versions affected: < 2.5.0. Fixed versions: >= 2.5.0. Impact: An attacker can trigger a Denial of Service by sending an HTTP request with an overly large profiler_runs parameter...
6.9AI Score
EPSS
Etcd auth Inaccurate logging of authentication attempts for users with CN-based auth only in...
7.4AI Score
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC
An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory...
8.2CVSS
8.1AI Score
0.001EPSS
Improper Neutralization of Special Elements in Output in helm.sh/helm/v3
Since Helm 2 was released, a well-documented aspect of Helm is that the Helm chart's version number MUST follow the SemVer2 specification. In the past, Helm would not permit charts with malformed versions. At some point, a patch was merged that changed this - On a version parse error, the version.....
6.8CVSS
0.3AI Score
0.001EPSS
In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.2AI Score
0.0004EPSS
Django Regex Algorithmic Complexity Causes Denial of Service
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a...
6.1AI Score
0.061EPSS
CVE-2024-24919 Usage Usage: ./CVE-2024-24919.sh -i ...
8.6CVSS
6.3AI Score
0.945EPSS
CVE-2024-24919 Usage Usage: ./CVE-2024-24919.sh -i ...
8.6CVSS
6.3AI Score
0.945EPSS
OpenStack Glance Denial of service by creating a large number of images
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them, a different...
6.8AI Score
0.007EPSS
Mattermost fails to properly restrict the access of files attached to posts in...
3.1CVSS
6.6AI Score
0.0004EPSS
Minio unsafe default: Access keys inherit admin of root user, allowing privilege escalation in...
8.8CVSS
7AI Score
0.002EPSS
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.....
8.6CVSS
8.7AI Score
0.002EPSS
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.....
8.6CVSS
7.2AI Score
0.002EPSS
Precor touchscreen console P82 contains a private SSH key that corresponds to a default public key. A remote attacker could exploit this to gain root...
0.0004EPSS
CVE-2024-24919 Checker A simple bash script to check for the...
8.6CVSS
6.2AI Score
0.945EPSS
Summary: A sensitive information disclosure vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2024-35119. DESCRIPTION: IBM InfoSphere Information Server could allow a remote attacker to obtain sensitive information when a detailed technical...
5.3CVSS
6AI Score
0.0004EPSS
In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.2AI Score
0.0004EPSS
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for...
6.6CVSS
6.9AI Score
0.0005EPSS
CVE-2024-24919 Exploit script for...
8.6CVSS
6.3AI Score
0.945EPSS
A JSON Injection vulnerability exists in the mintplex-labs/anything-llm application, specifically within the username parameter during the login process at the /api/request-token endpoint. The vulnerability arises from improper handling of values, allowing attackers to perform brute force attacks.....
5.3CVSS
7.3AI Score
0.0004EPSS