Unlimited number of NTS-KE connections can crash ntpd-rs server
Summary Missing limit for accepted NTS-KE connections allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. Details Operating systems have a limit for the number...
7.5CVSS
7AI Score
0.0004EPSS
Twig Path Traversal vulnerability in the filesystem loader
Twig is affected by path traversal vulnerability when used with Twig_Loader_Filesystem for loading Twig templates but only if the application is using non-trusted template names (names provided by a end-user for instance). When affected, it is possible to go up one directory for the paths...
6.8AI Score
eMerge E3 1.00-06 - Local File Inclusion
Linear eMerge E3-Series devices are vulnerable to local file...
7.5CVSS
7.4AI Score
0.808EPSS
Moderate: vorbis-tools security update
The vorbis-tools packages provide an encoder, a decoder, a playback tool, and a comment editor for Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format. Security Fix(es): vorbis-tools: Buffer Overflow vulnerability...
7.8CVSS
6.5AI Score
0.001EPSS
RHEL 5 : bind97 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. bind: An error in TSIG authentication can permit unauthorized dynamic updates (CVE-2017-3143) named in...
7.5CVSS
7.3AI Score
0.944EPSS
Directus is soft-locked by providing a string value to random string util
Describe the Bug Providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of service situation where logged in sessions can no longer be refreshed as sessions...
7.5CVSS
6.7AI Score
0.0004EPSS
Sensitive Information Disclosure
github.com/goreleaser/goreleaser is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the change in log output level from DEBUG to INFO, which could allow an attacker with access to the build logs to view sensitive environment information when the go build output is...
6.6AI Score
In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix potential NULL dereference The bpf_jit_binary_free() function requires a non-NULL argument. When the RISC-V BPF JIT fails to converge in NR_JIT_ITERATIONS steps, jit_data->header will be NULL, which triggers a NU...
6.5AI Score
0.0004EPSS
Twig Path Traversal vulnerability in the filesystem loader
Twig is affected by path traversal vulnerability when used with Twig_Loader_Filesystem for loading Twig templates but only if the application is using non-trusted template names (names provided by a end-user for instance). When affected, it is possible to go up one directory for the paths...
6.8AI Score
Unlimited number of NTS-KE connections can crash ntpd-rs server
Summary Missing limit for accepted NTS-KE connections allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. Details Operating systems have a limit for the number...
7.5CVSS
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net:sfc: fix non-freed irq in legacy irq mode SFC driver can be configured via modparam to work using MSI-X, MSI or legacy IRQ interrupts. In the last one, the interrupt was not properly released on module remove. It was not...
7AI Score
0.0004EPSS
An unauthenticated Time-Based SQL injection found in Webkul QloApps 1.6.0 via GET parameters date_from, date_to, and id_product allows a remote attacker to retrieve the contents of an entire...
7.5CVSS
7.9AI Score
0.009EPSS
PMB 7.3.10 - Cross-Site Scripting
PMB 7.3.10 contains a reflected cross-site scripting vulnerability via the id parameter in an lvl=author_see request to...
6.1CVSS
6AI Score
0.001EPSS
Traefik before 1.7.26, 2.2.8, and 2.3.0-rc3 contains an open redirect vulnerability in the X-Forwarded-Prefix header. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized...
6.1CVSS
5.1AI Score
0.011EPSS
Captcha verification bypass in github.com/mojocn/base64Captcha
When using the default implementation of Verify to check a Captcha, verification can be bypassed. For example, if the first parameter is a non-existent id, the second parameter is an empty string, and the third parameter is true, the function will always consider the Captcha to be...
5.3CVSS
7.1AI Score
0.001EPSS
A stored Cross-Site Scripting (XSS) vulnerability exists in the mintplex-labs/anything-llm application, affecting versions up to and including the latest before 1.0.0. The vulnerability arises from the application's failure to properly sanitize and validate user-supplied URLs before embedding them....
7.3CVSS
5.8AI Score
0.0004EPSS
NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting
NUUO NVRsolo Video Recorder 03.06.02 contains a reflected cross-site scripting vulnerability via...
6.1CVSS
6.1AI Score
0.003EPSS
SugarCRM Enterprise 9.0.0 - Cross-Site Scripting
SugarCRM Enterprise 9.0.0 contains a cross-site scripting vulnerability via...
6.1CVSS
6AI Score
0.002EPSS
In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, then an attempt to offline the last housekeeping CPU will result in a WARN_ON() when rebuilding the...
6.7AI Score
0.0004EPSS
PMB v7.4.6 - Cross-Site Scripting
PMB v7.4.6 allows an attacker to perform a reflected XSS on export_z3950.php via the 'query'...
6.1CVSS
6AI Score
0.001EPSS
Apache OFBiz 16.11.04 - XML Entity Injection
Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE...
7.5CVSS
7.7AI Score
0.045EPSS
An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to.....
6.5CVSS
6.7AI Score
0.001EPSS
A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
5.3CVSS
6AI Score
0.001EPSS
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through...
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through...
8.8CVSS
0.687EPSS
[SECURITY] Fedora 40 Update: python-jinja2-3.1.4-1.fc40
Jinja2 is a template engine written in pure Python. It provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. If you have any exposure to other text-based template languages, such as Smarty or Django, you should feel right at home with...
5.4CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, then an attempt to offline the last housekeeping CPU will result in a WARN_ON() when rebuilding the...
6.6AI Score
0.0004EPSS
Reprise License Manager 14.2 - Information Disclosure
Reprise License Manager 14.2 is susceptible to information disclosure via a GET request to /goforms/rlminfo. No authentication is required. The information disclosed is associated with software versions, process IDs, network configuration, hostname(s), system architecture and file/directory...
5.3CVSS
5.4AI Score
0.053EPSS
Fortinet FortiMail 7.0.1 - Cross-Site Scripting
A cross-site scripting vulnerability in FortiMail may allow an unauthenticated attacker to perform an attack via specially crafted HTTP GET requests to the FortiGuard URI protection...
6.1CVSS
6AI Score
0.006EPSS
IceWarp WebMail 11.4.5.0 - Cross-Site Scripting
IceWarp WebMail 11.4.5.0 is vulnerable to cross-site scripting via the language...
6.1CVSS
6AI Score
0.003EPSS
Timing attack in github.com/runatlantis/atlantis
Validation of Gitlab requests can leak secrets. The package github.com/runatlantis/atlantis/server/controllers/events uses a non-constant time comparison for secrets while validating a Gitlab request. This allows for a timing attack where an attacker can recover a secret and then forge the...
7.5CVSS
7.5AI Score
0.002EPSS
Zulip is an open-source team collaboration tool. A vulnerability in version 8.0 is similar to CVE-2023-32677, but applies to multi-use invitations, not single-use invitation links as in the prior CVE. Specifically, it applies when the installation has configured non-admins to be able to invite...
4.3CVSS
6.7AI Score
0.001EPSS
Apache OFBiz 17.12.03 - Cross-Site Scripting
Apache OFBiz 17.12.03 contains cross-site scripting and unsafe deserialization vulnerabilities via an XML-RPC...
6.1CVSS
6.6AI Score
0.907EPSS
In the Linux kernel, the following vulnerability has been resolved: net:sfc: fix non-freed irq in legacy irq mode SFC driver can be configured via modparam to work using MSI-X, MSI or legacy IRQ interrupts. In the last one, the interrupt was not properly released on module remove. It was not freed....
6.6AI Score
0.0004EPSS
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. org.xwiki.platform:xwiki-platform-web starting in version 3.1-milestone-2 and prior to version 13.4-rc-1, as well as org.xwiki.platform:xwiki-platform-web-templates prior to versions 14.10.12...
9CVSS
6.9AI Score
0.001EPSS
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document SkinsCode.XWikiSkinsSheet leads to an injection vector from view right on that document to programming rights, or in other words, it is possible to execute...
9.9CVSS
8.8AI Score
0.523EPSS
Decompressors can crash the JVM and leak memory content in Aircompressor
Summary All decompressor implementations of Aircompressor (LZ4, LZO, Snappy, Zstandard) can crash the JVM for certain input, and in some cases also leak the content of other memory of the Java process (which could contain sensitive information). Details When decompressing certain data, the...
8.6CVSS
6.2AI Score
0.0004EPSS
Access control change may take longer than expected in github.com/authelia/authelia/v4
If the file authentication backend is being used, the ewatch option is set to true, the refresh interval is configured to a non-disabled value, and an administrator changes a user's groups, then that user may be able to access resources that their previous groups had access...
7.2AI Score
Debian Security Advisory DSA 231-1 (dhcp3)
The remote host is missing an update to dhcp3 announced via advisory DSA...
6.5AI Score
0.135EPSS
XWiki Platform Old Core is a core package for XWiki Platform, a generic wiki platform. Prior to versions 14.2 and 13.10.4, all rights checks that would normally prevent a user from viewing a document on a wiki can be bypassed using the login action and directly specified templates. This exposes...
7.5CVSS
8.6AI Score
0.001EPSS
Directus is soft-locked by providing a string value to random string util
Describe the Bug Providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of service situation where logged in sessions can no longer be refreshed as sessions...
7.5CVSS
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev suspend Qualcomm ROME controllers can be registered from the Bluetooth line discipline and in this case the HCI UART serdev pointer is NULL. Add the missing sanity check to prevent a...
6.6AI Score
0.0004EPSS
Hongdian H8922 3.0.5 - Remote Command Injection
Hongdian H8922 3.0.5 devices are susceptible to remote command injection via shell metacharacters into the ip-address (a/k/a Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest. An attacker can execute malware, obtain sensitive...
8.8CVSS
9.2AI Score
0.964EPSS
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver...
7.5CVSS
1.2AI Score
0.004EPSS
[SECURITY] Fedora 40 Update: rust-sd-1.0.0-2.fc40
Intuitive find & replace CLI. * Painless regular expressions sd uses regex syntax that you already know from JavaScript and Python. Forget about dealing with quirks of sed or awk - get productive immediately. * String-literal mode Non-regex find & replace. No more backslashes or...
7.2AI Score
(RHSA-2024:2821) Important: bind and dhcp security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...
8.1AI Score
0.05EPSS
activeadmin vulnerable to stored persistent cross-site scripting (XSS) in dynamic form legends
Users settings their active admin form legends dynamically may be vulnerable to stored XSS, as long as its value can be injected directly by a malicious user. For example: A public web application allows users to create entities with arbitrary names. Active Admin is used to administrate these...
6.5AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malicious devices...
7.1AI Score
0.0004EPSS
Nagios XI < 5.11.3 - SQL Injection
SQL injection vulnerability in Nagios XI before version 5.11.3 via the bulk modification...
9.8CVSS
9.9AI Score
0.081EPSS
Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting
Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web...
6.1CVSS
6.2AI Score
0.313EPSS