CVE-2024-24919-Exploit Overview This repository contains...
8.6CVSS
6.1AI Score
0.945EPSS
9.8CVSS
7AI Score
0.001EPSS
vyper performs multiple eval of `sqrt()` argument built in
Summary Using the sqrt builtin can result in multiple eval evaluation of side effects when the argument has side-effects. The bug is more difficult (but not impossible!) to trigger as of 0.3.4, when the unique symbol fence was introduced (https://github.com/vyperlang/vyper/pull/2914). A contract...
5.3CVSS
5.4AI Score
0.0004EPSS
An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary, affecting versions up to and including 1.2.2. This vulnerability allows unauthorized users to view, update, or delete any dataset_prompt or dataset_prompt_variation within any dataset or project. The issue....
9.4CVSS
6.7AI Score
0.0004EPSS
In lunary-ai/lunary versions 1.2.2 through 1.2.25, an improper access control vulnerability allows users on the Free plan to invite other members and assign them any role, including those intended for Paid and Enterprise plans only. This issue arises due to insufficient backend validation of roles....
5.4CVSS
6.7AI Score
0.0004EPSS
Quarkus-core is vulnerable to Information Exposure. The vulnerability is due to the capture of local environment variables from the Quarkus namespace during the build process, leading to applications inheriting potentially sensitive or test-specific settings at...
7CVSS
6.8AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
log4j-scan-turbo (Multi-threaded scanner) Test for the log4j...
10CVSS
10AI Score
0.976EPSS
An improper access control vulnerability exists in the lunary-ai/lunary repository, specifically within the versions.patch functionality for updating prompts. Affected versions include 1.2.2 up to but not including 1.2.25. The vulnerability allows unauthorized users to update prompt details due to....
7.6CVSS
6.6AI Score
0.0004EPSS
Ollama does not validate the format of the digest (sha256 with 64 hex digits)
Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../...
6.6AI Score
EPSS
CVE-2024-24919-POC A Simple tool to Automate CVE-2024-24919...
8.6CVSS
8.7AI Score
0.945EPSS
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...
6.9AI Score
0.0004EPSS
Exploit for Improper Authentication in Redhat Keycloak
PoC for CVE-2023-0264 _Keycloak vulnerability that allows...
5CVSS
7.9AI Score
0.001EPSS
(RHSA-2024:2987) Moderate: python27:2.7 security update
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for.....
7AI Score
0.005EPSS
CVE-2024-26850 mm/debug_vm_pgtable: fix BUG_ON with pud advanced test
In the Linux kernel, the following vulnerability has been resolved: mm/debug_vm_pgtable: fix BUG_ON with pud advanced test Architectures like powerpc add debug checks to ensure we find only devmap PUD pte entries. These debug checks are only done with CONFIG_DEBUG_VM. This patch marks the ptes...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...
6.9AI Score
0.0004EPSS
An privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build 2948559113 allows remote attackers, authenticated in the application as a low-privileged user to change role (e.g., to administrator) by updating their user...
9.9CVSS
9AI Score
0.004EPSS
An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting versions up to and including 1.2.2. The vulnerability allows unauthorized users to view any prompts in any projects by supplying a specific prompt ID to an endpoint that does not adequately verify the...
7.5CVSS
6.6AI Score
0.0004EPSS
PDF Generator for WordPress < 1.1.2 - Cross Site Scripting
The plugin includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high privilege users such as...
6.1CVSS
6AI Score
0.001EPSS
9.9AI Score
An update is available for module.rubygem-abrt, rubygem-mysql2, module.rubygem-pg, ruby, module.rubygem-mysql2, rubygem-abrt, module.ruby, rubygem-pg. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
6.8AI Score
CVE-2024-20356 This is a proof of concept for CVE-2024-20356,...
8.7CVSS
7.5AI Score
0.0004EPSS
An issue was discovered in Scada-LTS v2.7.5.2 build 4551883606 and before, allows remote attackers with low-level authentication to escalate privileges, execute arbitrary code, and obtain sensitive information via Event Handlers...
8.8CVSS
7.7AI Score
0.002EPSS
Brocade Enable Login Check Scanner
This module will test a range of Brocade network devices for a privileged logins and report successes. The device authentication mode must be set as 'aaa authentication enable default local'. Telnet authentication, e.g. 'enable telnet authentication', should not be enabled in the device...
7.5AI Score
Exploit for Improper Check for Unusual or Exceptional Conditions in Polkit Project Polkit
Polkit Vulnerability - CVE-2021-3560 :closed_book: ...
7.8CVSS
8.6AI Score
0.012EPSS
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such...
4.3CVSS
6.7AI Score
0.001EPSS
CVE-2024-21477 Buffer Over-read in WLAN Firmware
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM)...
7.5CVSS
7AI Score
0.0004EPSS
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report...
4.3CVSS
4.3AI Score
0.0004EPSS
Ollama does not validate the format of the digest (sha256 with 64 hex digits)
Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../...
6.6AI Score
EPSS
Exploit for OS Command Injection in Php
PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...
9.8CVSS
9.8AI Score
0.967EPSS
Exploit for OS Command Injection in Php
PHP RCE PoC CVE-2024-4577: Argument Injection in PHP-CGI...
9.8CVSS
9.8AI Score
0.967EPSS
Exploit for Path Traversal in Microsoft
Fully Weaponized CVE-2021-40444 Malicious docx generator to...
8.8CVSS
7.8AI Score
0.969EPSS
CVE-2024-26661 drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg is not...
6.8AI Score
0.0004EPSS
9.8CVSS
0.1AI Score
0.972EPSS
7.5CVSS
6.8AI Score
0.0004EPSS
CVE-2024-21477 Buffer Over-read in WLAN Firmware
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM)...
7.5CVSS
7.7AI Score
0.0004EPSS
Exploit for Command Injection in Apache Airflow
Apache Airflow SQL injection PoC (CVE-2023-22884) **PoC for...
9.8CVSS
10.5AI Score
0.008EPSS
Exploit for Command Injection in Apache Airflow
Apache Airflow SQL injection PoC (CVE-2023-22884) **PoC for...
9.8CVSS
10.5AI Score
0.008EPSS
Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
Follina Proof of Concept (CVE-2022-30190) Quick and easy...
7.8CVSS
8.6AI Score
0.961EPSS
Exploit for Race Condition in Solarwinds Solarwinds Platform
CVE-2024-28999 Exploit for CVE-2024-28999 SolarWinds Platform...
8.1CVSS
7.1AI Score
0.017EPSS
Exploit for Authentication Bypass by Capture-replay in Microsoft
CVE-2023-23397-POC-Powershell Script functions to either...
9.8CVSS
10AI Score
0.902EPSS
CVE-2021-47565 scsi: mpt3sas: Fix kernel panic during drive powercycle test
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sas_target object is freed but its sdev object remains intact....
6.3AI Score
0.0004EPSS
CVE-2021-46916 ixgbe: Fix NULL pointer dereference in ethtool loopback test
In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ethtool loopback test The ixgbe driver currently generates a NULL pointer dereference when performing the ethtool loopback test. This is due to the fact that there isn't a q_vector associated....
5.6AI Score
0.0004EPSS
Recon Tool Installation git clone...
8.6CVSS
8.6AI Score
0.945EPSS
CVE-2024-26661 drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;" pipe_ctx->stream_res.tg could be NULL, it is relying on the caller to ensure the tg is not...
6.7AI Score
0.0004EPSS
8.8CVSS
6.8AI Score
0.511EPSS
python39:3.9 and python39-devel:3.9 security update
mod_wsgi [4.7.1-7] - Bump release for rebuild Resolves: rhbz#2213595 [4.7.1-6] - Remove rpath Resolves: rhbz#2213837 [4.7.1-5] - Core dumped upon file upload >= 1GB Resolves: rhbz#2125172 [4.7.1-4] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [4.7.1-3] - Rebuilt...
8.1CVSS
6.7AI Score
0.005EPSS
Denial of service in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
The otelhttp package of opentelemetry-go-contrib is vulnerable to a denial-of-service attack. The otelhttp package uses the httpconv.ServerRequest function to annotate metric measurements for the http.server.request_content_length, http.server.response_content_length, and http.server.duration...
7.5CVSS
8.5AI Score
0.005EPSS
buildah security and bug fix update
[1.33.7-2.0.1] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178] [2:1.33.7-2] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 (https://github.com/containers/buildah/commit/997beea) - Resolves:...
4.9CVSS
7.3AI Score
0.0005EPSS
PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode <= 1.7 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC [paypal_button...
5.6AI Score
0.0004EPSS
Sending an unauthenticated request to the Synchrony allows writing to the logs
h3. Issue Summary It is possible to write log entries via Synchrony API without authentication. h3. Steps to Reproduce To do this, you have to enter the target URL in Postman:, copy the GET or POST request and send the http request. For all POST requests, you must ensure that the content length...
-0.5AI Score