By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution...
5.3CVSS
6.5AI Score
0.002EPSS
7.5CVSS
7.4AI Score
0.004EPSS
Talkback reads notifications of non-current Android user
In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.7AI Score
0.0004EPSS
Non-runtime permission flags aren't preserved upon APK updates
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. This could lead to local escalation of privilege with User execution privileges needed. User...
7.3AI Score
EPSS
GKI kernels contain broken non-upstream Speculative Page Faults MM code
In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.7AI Score
0.0004EPSS
Malicious code in @juiggitea/nemo-non-sit (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (34313e69f7eab944c7cd563239a4fdc8adb6e2f0a7452d31c66703b4665dd02f) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
Malicious code in @juiggitea/libero-non-iste-ut (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (98094e16fff3197dc2993de28d315c329956f79830ac9fed74a7efda129ff2c0) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
Missing security headers in Action Pack on non-HTML responses
Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: >= 6.1.0 Not affected: < 6.1.0 Fixed...
9.8CVSS
6.3AI Score
0.001EPSS
containerd started with non-empty inheritable Linux process capabilities
Impact A bug was found in containerd where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during...
7.4AI Score
Missing security headers in Action Pack on non-HTML responses
Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: >= 6.1.0 Not affected: < 6.1.0 Fixed...
9.8CVSS
6.3AI Score
0.001EPSS
AIX is vulnerable to denial of service due to ISC BIND
IBM SECURITY ADVISORY First Issued: Tue Jun 4 16:06:25 CDT 2024 |Updated: Wed Jun 5 08:17:08 CDT 2024 |Update: Corrected the affected fileset levels to reflect that | bind.rte 7.1.916.2604 and 7.3.916.2601 are vulnerable. The most recent version of this document is available here:...
7.5CVSS
8.1AI Score
0.05EPSS
wolfictl leaks GitHub tokens to remote non-GitHub git servers
Summary A git authentication issue allows a local user’s GitHub token to be sent to remote servers other than github.com. Details Most git-dependent functionality in wolfictl relies on its own git package, which contains centralized logic for implementing interactions with git repositories. Some...
4.4CVSS
7.7AI Score
0.0004EPSS
Missing security headers in Action Pack on non-HTML responses
Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: >= 6.1.0 Not affected: < 6.1.0 Fixed...
9.8CVSS
5.3AI Score
EPSS
Shopware Non-Persistent XSS in the Frontend
A non-persistent Cross-Site Scripting (XSS) vulnerability has been identified in the Shopware eCommerce platform within the frontend. This vulnerability may allow an attacker to inject and execute malicious scripts in the context of a victim's web...
5.9AI Score
Shopware Non-Persistent XSS in the Frontend
A non-persistent Cross-Site Scripting (XSS) vulnerability has been identified in the Shopware eCommerce platform within the frontend. This vulnerability may allow an attacker to inject and execute malicious scripts in the context of a victim's web...
5.9AI Score
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND
Summary UPDATED: (Corrected the affected fileset levels to reflect that bind.rte 7.1.916.2604 and 7.3.916.2601 are vulnerable) Multiple vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details **...
7.5CVSS
8.1AI Score
0.05EPSS
In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.3AI Score
0.0004EPSS
containerd started with non-empty inheritable Linux process capabilities in...
7.1AI Score
Clorius Controls ISC SCADA Detection
Nessus detected the web interface for a Clorius Controls ISC SCADA...
2.1AI Score
h3. Issue Summary When anonymously accessed, the "Related Labels" section shows labels that are tagged on pages in non-anonymous spaces. This is reproducible on the Data Center: yes Pre-condition: Page accessible anonymously has been labelled - e.g. label1 and {}label2{}. Page that is not...
7AI Score
wolfictl leaks GitHub tokens to remote non-GitHub git servers in github.com/wolfi-dev/wolfictl
wolfictl leaks GitHub tokens to remote non-GitHub git servers in...
4.4CVSS
6.4AI Score
0.0004EPSS
Clorius Controls ISC SCADA Information Disclosure
Nessus was able to obtain the contents of '/html/info.htm' on the remote Clorius Contols ISC SCADA device. This page may contain sensitive information such as the firmware version of the device, internal IP address, and MAC...
2AI Score
containerd started with non-empty inheritable Linux process capabilities
Impact A bug was found in containerd where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during...
7.4AI Score
wolfictl leaks GitHub tokens to remote non-GitHub git servers
Summary A git authentication issue allows a local user’s GitHub token to be sent to remote servers other than github.com. Details Most git-dependent functionality in wolfictl relies on its own git package, which contains centralized logic for implementing interactions with git repositories. Some...
4.4CVSS
7.3AI Score
0.0004EPSS
Ant Media Server does not properly authorize non-administrative API calls
Ant Media Server Community Edition in a default configuration is vulnerable to an improper HTTP header based authorization, leading to a possible use of non-administrative API calls reserved only for authorized users. All versions up to 2.9.0 (tested) and possibly newer ones are believed to be...
6.5AI Score
0.0004EPSS
AD Starter Scan - Non-Expiring Account Password
Active Directory accounts can be configured to escape global password renewal policies. Accounts set up like this can be used indefinitely without ever changing their password. User and administrator accounts should never have this attribute set. By default, this check skips disabled accounts. To.....
AI Score
Unsoundness in variable comparison / non-unique binary decomposition in github.com/consensys/gnark
Unsoundness in variable comparison / non-unique binary decomposition in...
7.1CVSS
6.9AI Score
0.001EPSS
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort...
9.8CVSS
9.7AI Score
0.001EPSS
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of...
6.5CVSS
2.3AI Score
0.001EPSS
SSL/TLS: Report Non Weak Cipher Suites
This routine reports all Non Weak SSL/TLS cipher suites accepted by a...
7.3AI Score
In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The functio...
6.5CVSS
2.6AI Score
0.001EPSS
Non-Existent Page Physical Path Disclosure Vulnerability
Your web server reveals the physical path of the webroot when asked for a non-existent page. Whilst printing errors to the output is useful for debugging applications, this feature should not be enabled on production...
9.3AI Score
0.109EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND, caused by an error when processing responses coming from specially crafted DNSSEC-signed zones [CVE-2023-50387]. ISC BIND is included as a Base OS package used by our Service...
7.5CVSS
7AI Score
0.05EPSS
non-solo.ch Cross Site Scripting vulnerability OBB-3914057
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND, caused by an error when parsing large DNS messages [CVE-2023-4408]. ISC BIND is included as a Base OS package used by our Service Runtimes. This...
7.5CVSS
6.7AI Score
0.001EPSS
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in...
5CVSS
4.6AI Score
0.001EPSS
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in ISC BIND, caused by an error when preparing an NSEC3 closest encloser proof. [CVE-2023-50868]. ISC BIND is included as a Base OS package used by our Service Runtimes. This vulnerabilitiy....
6.8AI Score
0.0005EPSS
Timing attack from non-constant time scalar multiplication in github.com/bnb-chain/tss-lib
Timing attack from non-constant time scalar multiplication in...
9.1CVSS
6.9AI Score
0.001EPSS
Ant Media Server does not properly authorize non-administrative API calls
Ant Media Server Community Edition in a default configuration is vulnerable to an improper HTTP header based authorization, leading to a possible use of non-administrative API calls reserved only for authorized users. All versions up to 2.9.0 (tested) and possibly newer ones are believed to be...
6.8AI Score
0.0004EPSS
Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "#cgo LDFLAGS" directive. The arguments for a....
9.8CVSS
9.7AI Score
0.005EPSS
Intel BIOS Guard and PPAM Firmware May 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® BIOS Guard and Platform Properties Assessment Module (PPAM) firmware, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates...
7.2CVSS
7.6AI Score
0.0004EPSS
amphp/artax Cookie leakage to wrong origins and non-restricted cookie acceptance
In artax version before 1.0.6 and 2 before 2.0.6, cookies of foo.bar.example.com were leaked to foo.bar. Additionally, any site could set cookies for any other site. Artax fixed this issue by following newer browser implementations now. Cookies can only be set on domains higher or equal to the...
7AI Score
Exchange Backup Fails With: "Failed to get folder properties. Not allowed to access Non IPM folder"
Due to a recent change in Microsoft 365, the properties of the ‘TeamsMessagesData’ folder cannot be retrieved using the EWS APIs currently used by Veeam Backup for Microsoft...
7AI Score
Timing attack from non-constant time scalar arithmetic in github.com/bnb-chain/tss-lib
Timing attack from non-constant time scalar arithmetic in...
7.5CVSS
6.9AI Score
0.001EPSS
amphp/artax Cookie leakage to wrong origins and non-restricted cookie acceptance
In artax version before 1.0.6 and 2 before 2.0.6, cookies of foo.bar.example.com were leaked to foo.bar. Additionally, any site could set cookies for any other site. Artax fixed this issue by following newer browser implementations now. Cookies can only be set on domains higher or equal to the...
7AI Score
amphp/artax Cookie leakage to wrong origins and non-restricted cookie acceptance
In artax version before 1.0.6 and 2 before 2.0.6, cookies of foo.bar.example.com were leaked to foo.bar. Additionally, any site could set cookies for any other site. Artax fixed this issue by following newer browser implementations now. Cookies can only be set on domains higher or equal to the...
7AI Score
K11342432 : BIG-IP HTTP non-RFC-compliant security exposure
Security Advisory Description This issue occurs when a non-RFC-compliant HTTP request is received by a virtual server on a system matching one of the following conditions: BIG-IP 15.1.0 and later version with a virtual server with an HTTP profile with Enforce RFC Compliance enabled. All supported.....
7.2AI Score
CVE-2019-17567 mod_proxy_wstunnel tunneling of non Upgraded connections
Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation,...
7.4AI Score
0.003EPSS
A potential security vulnerability has been identified in certain HP PC products using HP Sure Admin, which might allow escalation of privilege. HP is releasing mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that...
7.5AI Score
EPSS
Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate. In this configuration, an attacker may be able to craft a malicious certificate that could be used to bypass...
8.1CVSS
6.9AI Score
0.0004EPSS