Lucene search

K

SKYLARK HOLDINGS CO., LTD. Security Vulnerabilities

nvd
nvd

CVE-2024-36007

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority)...

6.3AI Score

0.0004EPSS

2024-05-20 10:15 AM
nvd
nvd

CVE-2023-4309

Election Services Co. (ESC) Internet Election Service is vulnerable to SQL injection in multiple pages and parameters. These vulnerabilities allow an unauthenticated, remote attacker to read or modify data for any elections that share the same backend database. ESC deactivated older and unused...

9.8CVSS

10AI Score

0.001EPSS

2023-10-10 06:15 PM
nessus
nessus

RHEL 9 : pcp (RHSA-2024:2213)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2213 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

6CVSS

6.4AI Score

0.0004EPSS

2024-04-30 12:00 AM
3
nessus
nessus

RHEL 7 : pcp (RHSA-2020:3869)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3869 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level...

8.4CVSS

8.2AI Score

0.001EPSS

2020-09-29 12:00 AM
11
cve
cve

CVE-2023-4309

Election Services Co. (ESC) Internet Election Service is vulnerable to SQL injection in multiple pages and parameters. These vulnerabilities allow an unauthenticated, remote attacker to read or modify data for any elections that share the same backend database. ESC deactivated older and unused...

10CVSS

9.8AI Score

0.001EPSS

2023-10-10 06:15 PM
17
kitploit
kitploit

Hfinger - Fingerprinting HTTP Requests

Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :-) Its main objective is to provide unique representations (fingerprints) of malware requests, which help in their identification. Unique means here that each fingerprint should be...

7AI Score

2024-06-24 12:30 PM
4
cve
cve

CVE-2020-16163

An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote attackers to bypass intended access restrictions, or to trigger denial of service to traffic directed to co-dependent.....

9.1CVSS

8.9AI Score

0.003EPSS

2020-07-30 04:15 PM
25
nvd
nvd

CVE-2024-35853

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...

6.6AI Score

0.0004EPSS

2024-05-17 03:15 PM
cve
cve

CVE-2024-35854

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is destroyed at the end....

6.7AI Score

0.0004EPSS

2024-05-17 03:15 PM
26
cve
cve

CVE-2024-35853

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...

6.8AI Score

0.0004EPSS

2024-05-17 03:15 PM
29
ibm
ibm

Security Bulletin: A vulnerability exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Java on z/OS properties files not read correctly under certain locales / codepages vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2 Vulnerability Details ** IBM X-Force ID: PSIRT-ADV0103951 ...

6.2AI Score

2024-05-13 03:07 PM
9
nvd
nvd

CVE-2020-16163

An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote attackers to bypass intended access restrictions, or to trigger denial of service to traffic directed to co-dependent.....

9.1CVSS

9.1AI Score

0.003EPSS

2020-07-30 04:15 PM
cve
cve

CVE-2022-28657

Apport does not disable python crash handler before entering...

7.8CVSS

6.6AI Score

0.0004EPSS

2024-06-04 10:15 PM
21
krebs
krebs

Treasury Sanctions Creators of 911 S5 Proxy Botnet

The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through malware-infected computers around the globe....

7.3AI Score

2024-05-28 08:38 PM
14
cve
cve

CVE-2022-28652

~/.config/apport/settings parsing is vulnerable to "billion laughs"...

5.5CVSS

6.6AI Score

0.0004EPSS

2024-06-04 10:15 PM
167
2
cve
cve

CVE-2022-28656

is_closing_session() allows users to consume RAM in the Apport...

5.5CVSS

6.5AI Score

0.0004EPSS

2024-06-04 10:15 PM
15
cve
cve

CVE-2022-28658

Apport argument parsing mishandles filename splitting on older kernels resulting in argument...

5.5CVSS

6.6AI Score

0.0004EPSS

2024-06-04 10:15 PM
35
debiancve
debiancve

CVE-2021-47441

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...

6.5AI Score

0.0004EPSS

2024-05-22 07:15 AM
4
nessus
nessus

RHEL 8 : pcp (RHSA-2024:3392)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3392 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS

7.1AI Score

0.0004EPSS

2024-05-28 12:00 AM
cve
cve

CVE-2022-28654

is_closing_session() allows users to fill up...

5.5CVSS

6.5AI Score

0.0004EPSS

2024-06-04 10:15 PM
14
nvd
nvd

CVE-2024-1067

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...

6.3AI Score

0.0004EPSS

2024-05-03 02:15 PM
1
cnvd
cnvd

Arbitrary File Download Vulnerability in Yonghong Z-Suite of Beijing Yonghong Business Intelligence Technology Co.

Yonghong Z-Suite is a one-stop big data analytics platform. Yonghong Z-Suite has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive...

7AI Score

2024-04-02 12:00 AM
7
nvd
nvd

CVE-2024-31680

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...

7.2AI Score

0.0004EPSS

2024-04-17 12:15 AM
cve
cve

CVE-2022-28655

is_closing_session() allows users to create arbitrary tcp dbus...

7.1CVSS

6.6AI Score

0.0004EPSS

2024-06-04 10:15 PM
20
cve
cve

CVE-2024-31680

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...

7.5AI Score

0.0004EPSS

2024-04-17 12:15 AM
30
ubuntucve
ubuntucve

CVE-2021-47441

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...

6.5AI Score

0.0004EPSS

2024-05-22 12:00 AM
3
cve
cve

CVE-2014-125027

A vulnerability has been found in Yuna Scatari TBDev up to 2.1.17 and classified as problematic. Affected by this vulnerability is the function get_user_icons of the file usersearch.php. The manipulation of the argument n/r/r2/em/ip/co/ma/d/d2/ul/ul2/ls/ls2/dl/dl2 leads to cross site scripting....

6.1CVSS

6AI Score

0.001EPSS

2022-12-31 04:15 PM
52
cvelist
cvelist

CVE-2024-31680

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...

7.4AI Score

0.0004EPSS

2024-04-16 12:00 AM
nvd
nvd

CVE-2014-125027

A vulnerability has been found in Yuna Scatari TBDev up to 2.1.17 and classified as problematic. Affected by this vulnerability is the function get_user_icons of the file usersearch.php. The manipulation of the argument n/r/r2/em/ip/co/ma/d/d2/ul/ul2/ls/ls2/dl/dl2 leads to cross site scripting....

6.1CVSS

0.001EPSS

2022-12-31 04:15 PM
cnvd
cnvd

File upload vulnerability in web-based network management system of Xinhua San Technologies Co.(CNVD-2024-18761)

Xinhua San Technology Co., Ltd. is a company that mainly provides research, development, production, sales and service of IT infrastructure products and solutions. A file upload vulnerability exists in the web-based network management system of Xinhua San Technologies Limited, which can be...

7.3AI Score

2024-03-11 12:00 AM
11
nessus
nessus

RHEL 8 : pcp (RHSA-2024:3323)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3323 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS

7.5AI Score

0.0004EPSS

2024-05-23 12:00 AM
3
nvd
nvd

CVE-2023-6363

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them...

6.3AI Score

0.0004EPSS

2024-05-03 02:15 PM
1
githubexploit
githubexploit

Exploit for OS Command Injection in Contec Sv-Cpt-Mc310 Firmware

CVE-2022-29303-Exploit Exploit for CVE-2022-29303 Usage...

9.8CVSS

9.7AI Score

0.966EPSS

2022-05-31 10:55 PM
225
cve
cve

CVE-2024-3016

NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated...

6.7AI Score

0.0004EPSS

2024-05-14 03:39 PM
6
nessus
nessus

RHEL 9 : pcp (RHSA-2024:3321)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3321 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS

7.5AI Score

0.0004EPSS

2024-05-23 12:00 AM
2
nessus
nessus

RHEL 8 : pcp (RHSA-2024:3324)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3324 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS

7.5AI Score

0.0004EPSS

2024-05-23 12:00 AM
4
nessus
nessus

FreeBSD : mongodb -- Our init scripts check /proc/[pid]/stat should validate that `(${procname})` is the process' command name. (273c6c43-e3ad-11e9-8af7-08002720423d)

Sicheng Liu of Beijing DBSEC Technology Co., Ltd reports : Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV...

5.3CVSS

4.7AI Score

0.0004EPSS

2019-10-14 12:00 AM
15
nessus
nessus

RHEL 8 : pcp (RHSA-2024:3264)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3264 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-05-23 12:00 AM
5
nessus
nessus

RHEL 8 : pcp (RHSA-2024:3322)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3322 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS

7.5AI Score

0.0004EPSS

2024-05-23 12:00 AM
2
nessus
nessus

RHEL 9 : pcp (RHSA-2024:3325)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3325 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

8.8CVSS

7.5AI Score

0.0004EPSS

2024-05-23 12:00 AM
3
nessus
nessus

Microsoft IIS Dangerous Sample Files Detection

Some of the IIS sample files are present. They all contain various security flaws which could allow an attacker to execute arbitrary commands, read arbitrary files or gain valuable information about the remote...

8AI Score

2000-04-15 12:00 AM
95
vulnrichment
vulnrichment

CVE-2024-36007 mlxsw: spectrum_acl_tcam: Fix warning during rehash

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority)...

6.7AI Score

0.0004EPSS

2024-05-20 09:48 AM
1
vulnrichment
vulnrichment

CVE-2024-35853 mlxsw: spectrum_acl_tcam: Fix memory leak during rehash

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...

6.9AI Score

0.0004EPSS

2024-05-17 02:47 PM
2
vulnrichment
vulnrichment

CVE-2024-35855 mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update The rule activity update delayed work periodically traverses the list of configured rules and queries their activity from the device. As part of this...

6.8AI Score

0.0004EPSS

2024-05-17 02:47 PM
cvelist
cvelist

CVE-2024-35855 mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update The rule activity update delayed work periodically traverses the list of configured rules and queries their activity from the device. As part of this...

6.4AI Score

0.0004EPSS

2024-05-17 02:47 PM
redhat
redhat

(RHSA-2023:7370) Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812) kernel: net/sched: multiple vulnerabilities (CVE-2023-3609, CVE-2023-4128,...

8.4AI Score

0.024EPSS

2023-11-21 08:13 AM
21
cvelist
cvelist

CVE-2024-35854 mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is destroyed at the end....

6.4AI Score

0.0004EPSS

2024-05-17 02:47 PM
1
talosblog
talosblog

Operation Celestial Force employs mobile and desktop malware to target Indian entities

By Gi7w0rm, Asheer Malhotra and Vitor Ventura. Cisco Talos is disclosing a new malware campaign called "Operation Celestial Force" running since at least 2018. It is still active today, employing the use of GravityRAT, an Android-based malware, along with a Windows-based malware loader we track...

7.2AI Score

2024-06-13 10:00 AM
2
openbugbounty
openbugbounty

co-players.gr Improper Access Control vulnerability OBB-3832213

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

7AI Score

2024-01-11 06:30 PM
6
cve
cve

CVE-2023-34301

Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

7.8CVSS

8AI Score

0.001EPSS

2024-05-03 02:15 AM
26
Total number of security vulnerabilities15475