CVE-2022-31625 affecting package php 7.4.14-3
CVE-2022-31625 affecting package php 7.4.14-3. This CVE either no longer is or was never...
8.1CVSS
9.8AI Score
0.004EPSS
CVE-2021-21708 affecting package php 7.4.14-3
CVE-2021-21708 affecting package php 7.4.14-3. This CVE either no longer is or was never...
9.8CVSS
9.9AI Score
0.003EPSS
Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages mysql-8.0 - MySQL database Details Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.37 in Ubuntu 20.04...
5.3CVSS
7.5AI Score
0.001EPSS
CVE-2021-21707 affecting package php 7.4.14-3
CVE-2021-21707 affecting package php 7.4.14-3. This CVE either no longer is or was never...
5.3CVSS
9.6AI Score
0.001EPSS
CVE-2007-3205 affecting package php 8.1.29-1
CVE-2007-3205 affecting package php 8.1.29-1. No patch is available...
6.7AI Score
0.065EPSS
CVE-2021-21705 affecting package php 7.4.14-3
CVE-2021-21705 affecting package php 7.4.14-3. This CVE either no longer is or was never...
5.3CVSS
6.6AI Score
0.001EPSS
CVE-2021-21703 affecting package php 7.4.14-3
CVE-2021-21703 affecting package php 7.4.14-3. This CVE either no longer is or was never...
7.8CVSS
9.6AI Score
0.001EPSS
CVE-2022-31626 affecting package php 7.4.14-3
CVE-2022-31626 affecting package php 7.4.14-3. This CVE either no longer is or was never...
8.8CVSS
9.8AI Score
0.008EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
8AI Score
CVE-2020-7071 affecting package php 7.4.14-3
CVE-2020-7071 affecting package php 7.4.14-3. This CVE either no longer is or was never...
5.3CVSS
6.6AI Score
0.006EPSS
CVE-2022-31628 affecting package php 7.4.14-3
CVE-2022-31628 affecting package php 7.4.14-3. This CVE either no longer is or was never...
5.5CVSS
9.9AI Score
0.0005EPSS
CVE-2017-9118 affecting package php 7.4.14-3
CVE-2017-9118 affecting package php 7.4.14-3. This CVE either no longer is or was never...
7.5CVSS
7.5AI Score
0.002EPSS
io.strimzi, strimzi is vulnerable to Missing Authentication. The vulnerability is due to improper access control implementation in the Kafka Connect REST API within the STRIMZI Project. The vulnerability allows attackers to exploit the API to potentially deny service for Kafka Mirroring, mirror...
6.7AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034 Precompiled builds for CVE-2021-4034. Of...
7.8CVSS
8.5AI Score
0.001EPSS
Summary IBM® Db2® is vulnerable to a denial of service with a specially crafted query under certain conditions. Vulnerability Details CVEID: CVE-2024-28762 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) is vulnerable to denial of service with a specially...
5.3CVSS
6.5AI Score
0.0004EPSS
Exploit for Server-Side Request Forgery in Fusion Builder Project Fusion Builder
Fubucker | CVE-2022-1386 - Fusion Builder Automatic Mass Tool...
9.6AI Score
Summary IBM® Db2® is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. Vulnerability Details CVEID: CVE-2024-31880 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2...
7AI Score
EPSS
Cross-Site Scripting (XSS) in TYPO3 component CSS styled content
Failing to properly encode user input, the CSS styled content component is susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML or...
6.8AI Score
Cross-Site Scripting (XSS) in TYPO3 component CSS styled content
Failing to properly encode user input, the CSS styled content component is susceptible to Cross-Site Scripting, allowing authenticated editors to inject arbitrary HTML or...
6.8AI Score
7.1AI Score
Exploit for Off-by-one Error in Sudo Project Sudo
CVE-2021-3156 Vulnerability overview Vulnerability ID: CVE-2021-3156...
7.8CVSS
7.9AI Score
0.97EPSS
New php packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.29-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: Bypass of CVE-2012-1823, Argument Injection in...
9.8CVSS
7.7AI Score
0.973EPSS
Summary IBM® Db2® is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. Vulnerability Details CVEID: CVE-2024-31881 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server)...
6.5CVSS
6.5AI Score
0.0004EPSS
Summary IBM® Db2® is affected by a vulnerability in the open source zlib library. Vulnerability Details CVEID: CVE-2023-45853 DESCRIPTION: MiniZip is vulnerable to a denial of service, caused by an integer overflow and resultant heap-based buffer overflow in the zipOpenNewFileInZip4_64...
9.8CVSS
7.2AI Score
0.001EPSS
CVE-2024-4577 affecting package php for versions less than 8.1.29-1
CVE-2024-4577 affecting package php for versions less than 8.1.29-1. An upgraded version of the package is available that resolves this...
9.8CVSS
7AI Score
0.967EPSS
7.1AI Score
CVE-2024-5458 affecting package php for versions less than 8.1.29-1
CVE-2024-5458 affecting package php for versions less than 8.1.29-1. An upgraded version of the package is available that resolves this...
5.3CVSS
6.9AI Score
0.001EPSS
CVE-2024-5585 affecting package php for versions less than 8.1.29-1
CVE-2024-5585 affecting package php for versions less than 8.1.29-1. An upgraded version of the package is available that resolves this...
8.8CVSS
6.9AI Score
0.001EPSS
CVE-2024-2408 affecting package php for versions less than 8.1.29-1
CVE-2024-2408 affecting package php for versions less than 8.1.29-1. An upgraded version of the package is available that resolves this...
5.9CVSS
6.9AI Score
0.001EPSS
7.4AI Score
AMD SPI Lock Bypass June 2024 Security Update
AMD has informed HP of a potential weakness in AMD SPI protection features, which might allow arbitrary code execution. AMD is releasing firmware updates and HP is enabling AMD ROM Armor to mitigate these vulnerabilities. AMD has released updates to mitigate the potential vulnerability. HP has...
8.2CVSS
8AI Score
0.0004EPSS
Summary IBM® Db2® federated server is affected by vulnerabilities in the open source commons-configuration2 library when using the NoSQL Hadoop wrapper. Vulnerability Details CVEID: CVE-2024-29131 DESCRIPTION: Apache Commons Configuration could allow a remote attacker to execute arbitrary...
7.7AI Score
0.0004EPSS
K000138460: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2024-20960 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: RAPID). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access...
6.5CVSS
6.1AI Score
0.001EPSS
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.37 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug...
5.3CVSS
7.1AI Score
0.001EPSS
Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about an identity spoofing vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...
8.8CVSS
6.5AI Score
0.0004EPSS
ua-parser/uap-php ReDoS vulnerability
A regex expression in ua-parser/uap-php could lead to a ReDoS vulnerability in versions prior to...
6.9AI Score
Intel Chipset Device Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Chipset Device Software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
6.7CVSS
7.1AI Score
0.0004EPSS
Summary IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables. Vulnerability Details CVEID: CVE-2023-29267 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as a trap...
5.3CVSS
6.7AI Score
0.0004EPSS
[SECURITY] Fedora 39 Update: php-8.2.20-1.fc39
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
9.8CVSS
7.3AI Score
0.973EPSS
Summary IBM® Db2® NSE (Net Search Extender) is affected by a vulnerability in the open source Expat library. Vulnerability Details CVEID: CVE-2024-28757 DESCRIPTION: libexpat could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity...
6.1AI Score
0.0004EPSS
Bouncy Castle Java Cryptography APIs are vulnerable to improper SSL/TLS hostname verification. The vulnerability is due to hostname verification potentially being performed against a DNS-resolved IP address when no explicit hostname is provided, which could lead to DNS poisoning...
6.7AI Score
0.0004EPSS
In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.1AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: php-8.3.8-1.fc40
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
9.8CVSS
7.3AI Score
0.973EPSS
9.8CVSS
6.9AI Score
0.967EPSS
Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages php7.4 - HTML-embedded scripting language interpreter php8.1 - HTML-embedded scripting language interpreter php8.2 - server-side, HTML-embedded scripting language (metapackage) php8.3 - server-side, HTML-embedded...
6.8AI Score
Releases Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages roundcube - skinnable AJAX based webmail solution for IMAP servers - metapack Details Matthieu Faou and Denys Klymenko discovered that Roundcube incorrectly handled certain SVG images. A remote...
6.1CVSS
7.7AI Score
0.007EPSS
All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery
WordPress All-in-One Video Gallery plugin through 2.6.0 is susceptible to arbitrary file download and server-side request forgery (SSRF) via the 'dl' parameter found in the ~/public/video.php file. An attacker can download sensitive files hosted on the affected server and forge requests to the...
8.2CVSS
7.9AI Score
0.032EPSS
Album and Image Gallery plus Lightbox < 2.1 - Unauthenticated Arbitrary Shortcode Execution
Description The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...
6.5CVSS
7.5AI Score
0.001EPSS
Summary Security vulnerabilities have been identified in Java that affect Tivoli System Automation for Multiplatforms (TSAMP) shipped as a component of IBM Db2. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions TSAMP...
7.5CVSS
6.8AI Score
0.001EPSS
Exploit for Out-of-bounds Write in Polkit Project Polkit
CVE-2021-4034-PwnKit PwnKit PoC for Polkit pkexec...
7.8CVSS
8.6AI Score
0.001EPSS