libmodbus is vulnerable to Denial of Service (DoS). The vulnerability is due to an invalid pointer in the modbus_receive() function, triggered by a crafted message sent to the unit-test-server, which results in Denial of Service...
6.3AI Score
EPSS
OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the joborderID...
6.1CVSS
6.1AI Score
0.001EPSS
Oracle Application Testing Suite Detection
Oracle Application Testing suite, an integrated testing solution, is installed on the remote...
1.1AI Score
Exploit for Command Injection in Ivanti Connect Secure
🚨 CVE-2024-21887 Exploit Tool 🛠️ A robust tool for detecting...
9.1CVSS
8.2AI Score
0.969EPSS
An issue was discovered in drivers/media/test-drivers/vidtv/vidtv_bridge.c in the Linux kernel 6.2. There is a NULL pointer dereference in vidtv_mux_stop_thread. In vidtv_stop_streaming, after dvb->mux=NULL occurs, it executes...
5.5CVSS
6.3AI Score
0.0004EPSS
OpenCATS v0.9.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component...
6.1CVSS
6.1AI Score
0.001EPSS
OpenCATS v0.9.6 was discovered to contain a remote code execution (RCE) vulnerability via the getDataGridPager's ajax...
9.8CVSS
8.3AI Score
0.004EPSS
OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the email parameter in the Check Email...
6.1CVSS
6.1AI Score
0.001EPSS
OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile...
6.1CVSS
6.1AI Score
0.001EPSS
Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and...
8.6CVSS
6.9AI Score
0.001EPSS
This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure TPMS_ATTEST. For the field TPM2_GENERATED magic of this structure any number can.....
4.3CVSS
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use access_width over bit_width for system memory accesses To align with ACPI 6.3+, since bit_width can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt....
6.8AI Score
0.0004EPSS
I take no Liability & Warranty on this script please fully test...
4.6CVSS
4.7AI Score
0.001EPSS
A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at...
5.4CVSS
5.7AI Score
0.001EPSS
A Cross-Site Request Forgery (CSRF) in OpenCATS 0.9.7 allows attackers to force users into submitting web requests via unspecified...
4.3CVSS
7.2AI Score
0.001EPSS
A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the city parameter at...
5.4CVSS
5.7AI Score
0.001EPSS
OpenCATS v0.9.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /opencats/index.php?m=calendar. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description or Title text...
5.4CVSS
5.3AI Score
0.001EPSS
OpenCATS v0.9.7 was discovered to contain a SQL injection vulnerability via the importID parameter in the Import viewerrors...
9.8CVSS
9.8AI Score
0.001EPSS
CVE-2024-24919 Exploit CVE Identifier: CVE-2024-24919...
8.6CVSS
6.2AI Score
0.945EPSS
Exploit for Improper Initialization in Linux Linux Kernel
CVE-2022-0847 my personal poc and exploit of...
7.8CVSS
8.1AI Score
0.076EPSS
Exploit for Out-of-bounds Write in Google Chrome
CVE-2023-4863 ```bash # checkout webp git clone...
8.8CVSS
8.7AI Score
0.609EPSS
(RHSA-2024:2619) Moderate: rh-mysql80-mysql security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql80-mysql (8.0.36) Security fixes: mysql: Client programs unspecified vulnerability...
8.1AI Score
0.002EPSS
AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended...
5.3CVSS
5.3AI Score
0.03EPSS
AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus 10 allows User Enumeration. NOTE: the vendor's position is that this is intended...
6.8AI Score
0.03EPSS
Nginx-UI vulnerable to arbitrary file write through the Import Certificate feature
Summary: The Import Certificate feature allows arbitrary writes to the system. The feature does not check whether the provided user input is a certificate/key and allows writing to arbitrary paths on the system....
9.8CVSS
7.9AI Score
0.002EPSS
A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13.2.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2 which allows an attacker to cause high resource consumption using malicious test...
7.5CVSS
6.7AI Score
0.001EPSS
ruby:3.1 security, bug fix, and enhancement update
An update is available for rubygem-mysql2, module.rubygem-pg, ruby, module.rubygem-mysql2, rubygem-pg, module.ruby. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
6.5AI Score
EPSS
In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...
5.5CVSS
6.6AI Score
0.0004EPSS
perl-Algorithm-Diff perl-Archive-Tar perl-Archive-Zip perl-autodie perl-bignum perl-Carp perl-Compress-Bzip2 perl-Compress-Raw-Bzip2 perl-Compress-Raw-Lzma perl-Compress-Raw-Zlib [2.096-2] - Fix test broken by update in zlib on s390x - Related: RHEL-16371 perl-Config-Perl-V perl-constant...
7.8CVSS
6.8AI Score
0.0004EPSS
podman security and bug fix update
[4.9.4-4.0.1] - Improved saving remote build context to tarfile in Podman daemon [Orabug: 36495655] - Add devices on container startup, not on creation - Backport fast gzip for compression [Orabug: 36420418] - overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694] - Drop nmap-ncat...
4.9CVSS
7.5AI Score
0.0005EPSS
Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local...
7.3CVSS
7.1AI Score
0.0004EPSS
github.com/ollama/ollama is vulnerable to Improper Input Validation. The vulnerability is due to improper validation of the digest format (sha256 with 64 hex digits) when getting the model path, which results in the mishandling of the TestGetBlobsPath test cases with fewer than 64 hex digits, more.....
6.4AI Score
EPSS
Exploit for Link Following in Git
CVE-2024-32002 RCE PoC Overview This repository contains...
9CVSS
9.4AI Score
0.002EPSS
ZTE F460 and F660 cable modems allow remote attackers to obtain administrative access via sendcmd requests to web_shell_cmd.gch, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified...
6.6AI Score
0.956EPSS
Exploit for Code Injection in Exiftool Project Exiftool
Exploit for CVE-2021-22204 (ExifTool) - Arbitrary Code...
7.8CVSS
8.5AI Score
0.89EPSS
Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may allow an unauthenticated user to potentially enable denial of service via network...
7.5CVSS
6.9AI Score
0.001EPSS
Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does not check access...
6.4CVSS
7.1AI Score
0.001EPSS
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fix(es): keylime: Attestation failure when the quote's signature does not validate (CVE-2023-3674) For more details about the security issue(s), including the impact, a CVSS score,...
2.8CVSS
6.8AI Score
0.0004EPSS
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management...
7.5CVSS
7.6AI Score
0.0005EPSS
An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the...
6.6AI Score
EPSS
Exploit for Path Traversal in Aiohttp
CVE-2024-23334 Exploit and PoC This repository contains a...
7.5CVSS
6.8AI Score
0.052EPSS
test files cause mpeg2 mediaextractor crash
In ElementaryStreamQueue::dequeueAccessUnitH264() of ESQueue.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for...
6.5CVSS
6.7AI Score
0.001EPSS
An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the...
6.5AI Score
EPSS
[SECURITY] Fedora 40 Update: rust-uu_test-0.0.23-3.fc40
test ~ (uutils) evaluate comparison and file type...
7.3AI Score