VioStor NVR and QNAP NAS RCE Vulnerability
VioStor NVR firmware version 4.0.3 and possibly earlier versions and QNAP NAS with the Surveillance Station Pro activated contains scripts which could allow any user e.g. guest users to execute scripts which run with administrative privileges. It is possible to execute code on the webserver...
7.2AI Score
0.055EPSS
Exploit for Out-of-bounds Write in Kingsoft Internet Security 9 Plus
CVE-2022-25949 A years-old exploit of a local EoP...
7.8CVSS
7.7AI Score
0.001EPSS
WSO2 Identity Server CSRF And XXE Vulnerabilities
WSO2 Identity Server is prone to a XML external entity (XXE) ...
8.8CVSS
8AI Score
0.021EPSS
Intel Memory And Storage Tool Installed (Windows)
Intel Memory and Storage Tool is installed on the remote Windows...
7.5AI Score
Rockwell FactoryTalk Product and Version Enumeration (Windows)
Rockwell FactoryTalk products are the remote Windows host. This plugin provides a best guess at the software version. Note that the versions detected here do not necessarily indicate the actual installed version nor do they necessarily mean that the application is actually installed on the remote.....
7.3AI Score
Sophos Anti-Virus Detection and Status (Linux)
Sophos Anti-Virus for Linux, a commercial antivirus software package, is installed on the remote host. However, there is a problem with the installation; either its services are not running or its engine and/or virus definitions are out of...
2.5AI Score
ocPortal Arbitrary File Disclosure and XSS Vulnerabilities
ocPortal is prone to multiple cross-site scripting vulnerabilities and an arbitrary file-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied...
6.2AI Score
0.007EPSS
Description The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploading feature in all versions up to, and including, 4.1.1 due to insufficient input sanitization and output escaping. This makes.....
6.4CVSS
5.7AI Score
0.001EPSS
libvirt security and bug fix update
[10.0.0-6.2.0.1] - Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554] [10.0.0-6.2.el9_4] - qemu: Fix migration with custom XML (RHEL-32654) [10.0.0-6.1.el9_4] - Fix off-by-one error in udevListInterfacesByStatus (CVE-2024-1441, RHEL-25081) - remote: check for negative array lengths before...
6.2CVSS
8.3AI Score
0.001EPSS
WeBid Remote File Include and SQLi Vulnerabilities
WeBid to a remote file-include issue and an SQL injection (SQLi) ...
8.4AI Score
Summary A vulnerability in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details ** CVEID: CVE-2023-30441 DESCRIPTION: **IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0...
7.5CVSS
5.8AI Score
0.002EPSS
Attackers in Profile: menuPass and ALPHV/BlackCat
To test the effectiveness of managed services like our Trend Micro managed detection and response offering, MITRE Engenuity™ combined the tools, techniques, and practices of two globally notorious bad actors: menuPass and ALPHV/BlackCat. This blog tells the story of why they were chosen and what...
7.3AI Score
Unrestricted file upload in /main/inc/ajax/work.ajax.php in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP...
8.8CVSS
9AI Score
0.002EPSS
Summary A vulnerability in netty-codec-http affects the Transparent Cloud Tiering function in IBM Storage Virtualize products. Most systems do not have Transparent Cloud Tiering configured. You can confirm by running the lsvolumebackup CLI command - if there is no output, then this feature is not.....
5.3CVSS
6AI Score
0.0004EPSS
IBM MQ Server and Client Installed (Linux)
IBM MQ (formerly IBM WebSphere MQ) message queuing server or related client software is installed on the remote Linux...
1.1AI Score
Joomla! JooProperty Component SQLi and XSS Vulnerabilities
The JooProperty component for Joomla! is prone to an SQL injection (SQLi) vulnerability and a cross-site scripting (XSS) vulnerability because it fails to properly sanitize user-supplied...
6.4AI Score
Joomla Jomdirectory and Advert Components SQLi Vulnerabilities
Joomla with Jomdirectory and/or Advert components is prone to SQL injection...
8.4AI Score
User enumeration is possible by performing a timing attack on the login or password reset pages with user...
7.3AI Score
Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers in...
7.4CVSS
6.3AI Score
0.0005EPSS
Moderate: mod_jk and mod_proxy_cluster security update
The mod_jk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine. The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fix(es): httpd: Apache Tomcat Connectors (mod_jk) Information...
7.5CVSS
9.2AI Score
0.001EPSS
SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy (CORP) vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated...
7.5CVSS
0.0004EPSS
Grafana Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins in...
7.5CVSS
7.5AI Score
0.001EPSS
User enumeration is possible by performing a timing attack on the login or password reset pages with user...
7.3AI Score
CVE-2023-45195 Adminer and AdminerEvo SSRF
Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an unauthenticated remote attacker to enumerate or access systems the attacker would not otherwise have access to. Adminer is no longer supported, but this issue was fixed in AdminerEvo version...
0.0004EPSS
IBM DB2 and DB2 Connect Detection (credentialed)
IBM DB2 or DB2 Connect, an enterprise database solution, is installed on the remote...
1.3AI Score
CactuShop XSS and SQL injection flaws
The remote host runs CactuShop, an e-commerce web application written in ASP. The remote version of this software is vulnerable to cross-site scripting due to a lack of sanitization of user-supplied data in the...
6.4AI Score
0.011EPSS
SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy (CORP) vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated...
7.5CVSS
7.1AI Score
0.0004EPSS
Description The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.7.1 via the 'attempt_delete' function due to missing validation on a user controlled key. This makes it possible for...
4.3CVSS
6.6AI Score
0.001EPSS
Oracle RDBMS Host Name and Patch Info
Nessus was able, using the supplied credentials, to query the remote Oracle RDBMS and determine the system hostname and database patch...
1.4AI Score
(RHSA-2024:3316) Important: Migration Toolkit for Applications security and bug fix update
Migration Toolkit for Applications 7.0.3 Images Security Fix(es) from Bugzilla: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180) axios: exposure of...
7.4AI Score
EPSS
Exploit for Reliance on Cookies without Validation and Integrity Checking in Mgt-Commerce Cloudpanel
CVE-2023-35885 Cloudpanel 0-day Exploit Author: @EagleTube,...
9.8CVSS
9.2AI Score
0.431EPSS
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that...
7.6AI Score
0.05EPSS
Description The Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the make_staff() function in all versions up to, and including, 1.0.21. This.....
7.3CVSS
6.6AI Score
0.0005EPSS
Description The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postx_presets_callback' function in all versions up to, and including, 4.1.2. This makes it possible for...
8.8CVSS
6.4AI Score
0.001EPSS
Panic in certificate parsing in crypto/x509 and golang.org/x/crypto/cryptobyte
On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing functions of golang.org/x/crypto/cryptobyte can lead to a panic. The malformed certificate can be delivered via a crypto/tls connection to a client, or to a server that accepts client certificates. net/http clients can.....
7.5CVSS
7.4AI Score
0.02EPSS
Panic on unconsidered isindex and template combination in golang.org/x/net/html
The Parse function can panic on some invalid inputs. For example, the Parse function panics on the input "This is a searchable index. Enter search keywords:...
7.5CVSS
7.5AI Score
0.006EPSS
Description The Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploader in all versions up to, and including, 3.0.5 due to insufficient input sanitization....
6.4CVSS
5.8AI Score
0.001EPSS
Important: bind and dhcp security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...
7.5CVSS
7.8AI Score
0.05EPSS
Unsanitized NUL in environment variables on Windows in syscall and os/exec
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this...
7.5CVSS
7.3AI Score
0.001EPSS
Summary IBM Event Streams are vulnerable in terms of both confidentiality and integrity. Multiple Java components within IBM Event Streams are susceptible to these vulnerabilities, enabling remote attackers to execute malicious actions through these components. Vulnerability Details ** CVEID:...
7.4CVSS
7.1AI Score
0.001EPSS
DoS (Denial of Service) org.eclipse.jetty:jetty-io Dependency in Crowd Data Center and Server
This High severity org.eclipse.jetty:jetty-io Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.eclipse.jetty:jetty-io Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.5CVSS
7.1AI Score
0.802EPSS
DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server
This High severity org.apache.struts:struts2-core Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.apache.struts:struts2-core Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.5CVSS
7.2AI Score
0.023EPSS
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.3 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.5CVSS
7.1AI Score
0.003EPSS
Summary IBM MQ Appliance has addressed XML External Entity (XXE) injection and server-side request forgery vulnerabilities. Vulnerability Details CVEID: CVE-2024-22354 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.5 are.....
7CVSS
7.8AI Score
0.0004EPSS
Unrestricted file upload in /main/inc/ajax/exercise.ajax.php in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP...
8.8CVSS
9AI Score
0.002EPSS
Description The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Back to Top widget in all versions up to, and including, 1.3.975 due to insufficient input sanitization and output escaping on user supplied attributes. This...
6.4CVSS
5.8AI Score
0.0004EPSS
Memory exhaustion in multipart form parsing in net/textproto and net/http
When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a...
7.1AI Score
0.0004EPSS
Worldwide 2023 Email Phishing Statistics and Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in...
7.4AI Score
Worldwide 2023 Email Phishing Statistics and Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in...
7.4AI Score
Improper sanitisation in main/inc/lib/fileUpload.lib.php in Chamilo LMS <= v1.11.20 on Windows and Apache installations allows unauthenticated attackers to bypass file upload security protections and obtain remote code execution via uploading of .htaccess file. This vulnerability may be exploite...
9.8CVSS
10AI Score
0.004EPSS