CVE-2023-23916 affecting package rust 1.59.0-1
CVE-2023-23916 affecting package rust 1.59.0-1. No patch is available...
6.5CVSS
8.5AI Score
0.001EPSS
CVE-2023-23916 affecting package mysql 8.0.32-1
CVE-2023-23916 affecting package mysql 8.0.32-1. No patch is available...
6.5CVSS
8.5AI Score
0.001EPSS
CVE-2023-25136 affecting package openssh 8.9p1-3
CVE-2023-25136 affecting package openssh 8.9p1-3. This CVE either no longer is or was never...
6.5CVSS
8.4AI Score
0.009EPSS
CVE-2018-25078 affecting package man-db 2.8.4-5
CVE-2018-25078 affecting package man-db 2.8.4-5. This CVE either no longer is or was never...
7.8CVSS
7.5AI Score
0.0004EPSS
CVE-2022-41722 affecting package golang 1.17.13-2
CVE-2022-41722 affecting package golang 1.17.13-2. No patch is available...
7.5CVSS
8.7AI Score
0.001EPSS
CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7
CVE-2023-25193 affecting package qt5-qtbase 5.12.11-7. This CVE either no longer is or was never...
7.5CVSS
8.2AI Score
0.002EPSS
CVE-2023-0468 affecting package kernel 5.10.189.1-1
CVE-2023-0468 affecting package kernel 5.10.189.1-1. No patch is available...
4.7CVSS
7.5AI Score
0.0004EPSS
CVE-2022-1941 affecting package protobuf 3.14.0-1
CVE-2022-1941 affecting package protobuf 3.14.0-1. No patch is available...
7.5CVSS
9.9AI Score
0.002EPSS
CVE-2022-3515 affecting package gnupg2 2.2.20-4
CVE-2022-3515 affecting package gnupg2 2.2.20-4. This CVE either no longer is or was never...
9.8CVSS
9.9AI Score
0.005EPSS
CVE-2022-4543 affecting package kernel 5.10.189.1-1
CVE-2022-4543 affecting package kernel 5.10.189.1-1. No patch is available...
5.5CVSS
7.5AI Score
0.0004EPSS
CVE-2022-46176 affecting package rust 1.59.0-1
CVE-2022-46176 affecting package rust 1.59.0-1. No patch is available...
5.9CVSS
7.5AI Score
0.001EPSS
CVE-2022-44792 affecting package net-snmp 5.9-4
CVE-2022-44792 affecting package net-snmp 5.9-4. No patch is available...
6.5CVSS
6.9AI Score
0.003EPSS
CVE-2022-43410 affecting package mercurial 5.4-2
CVE-2022-43410 affecting package mercurial 5.4-2. No patch is available...
5.3CVSS
7.5AI Score
0.001EPSS
CVE-2022-21626 affecting package openjdk8 1.8.0.332-2
CVE-2022-21626 affecting package openjdk8 1.8.0.332-2. No patch is available...
5.3CVSS
6.1AI Score
0.002EPSS
CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4
CVE-2020-0569 affecting package qt5-qtsvg 5.12.11-4. This CVE either no longer is or was never...
5.7CVSS
7.5AI Score
0.0004EPSS
CVE-2022-42969 affecting package python-py 1.10.0-1
CVE-2022-42969 affecting package python-py 1.10.0-1. No patch is available...
7.5CVSS
9.9AI Score
0.007EPSS
CVE-2021-3672 affecting package pgbouncer 1.16.1-1
CVE-2021-3672 affecting package pgbouncer 1.16.1-1. This CVE either no longer is or was never...
5.6CVSS
9.8AI Score
0.002EPSS
CVE-2022-36055 affecting package helm 3.4.1-17
CVE-2022-36055 affecting package helm 3.4.1-17. No patch is available...
6.5CVSS
9.9AI Score
0.001EPSS
CVE-2021-3995 affecting package util-linux 2.32.1-7
CVE-2021-3995 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...
5.5CVSS
5.9AI Score
0.0004EPSS
CVE-2021-33465 affecting package yasm 1.3.0-14
CVE-2021-33465 affecting package yasm 1.3.0-14. No patch is available...
5.5CVSS
7.5AI Score
0.001EPSS
CVE-2021-33464 affecting package yasm 1.3.0-14
CVE-2021-33464 affecting package yasm 1.3.0-14. No patch is available...
5.5CVSS
7.5AI Score
0.001EPSS
CVE-2021-33456 affecting package yasm 1.3.0-14
CVE-2021-33456 affecting package yasm 1.3.0-14. No patch is available...
5.5CVSS
7.5AI Score
0.001EPSS
CVE-2021-33454 affecting package yasm 1.3.0-14
CVE-2021-33454 affecting package yasm 1.3.0-14. No patch is available...
5.5CVSS
7.5AI Score
0.001EPSS
CVE-2021-3773 affecting package kernel 5.10.189.1-1
CVE-2021-3773 affecting package kernel 5.10.189.1-1. No patch is available...
9.8CVSS
9.7AI Score
0.008EPSS
platform-l.org Cross Site Scripting vulnerability OBB-3939546
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bartlettltd.co.uk Cross Site Scripting vulnerability OBB-3939500
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Summary: There are multiple vulnerabilities in IBM® WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server. These are addressed. Vulnerability Details: CVEID: CVE-2024-27268. DESCRIPTION: IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is...
5.9CVSS
7.7AI Score
0.0004EPSS
Unlimited number of NTS-KE connections can crash ntpd-rs server
Summary: Missing limit for accepted NTS-KE connections allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. Details: Operating systems have a limit for the number...
7.5CVSS
7AI Score
0.0004EPSS
Metasploit Weekly Wrap-Up 06/28/2024
Unauthenticated Command Injection in Netis Router: This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password...
9.8CVSS
9AI Score
0.005EPSS
ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such...
7.5CVSS
0.0004EPSS
ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such...
7.5CVSS
7.6AI Score
0.0004EPSS
TeamViewer Confirms Security Breach by Russian Midnight Blizzard
TeamViewer reassures users after a security breach targeted an employee account. The company claims no customer data...
7.4AI Score
Security Bulletin: IBM Cognos Transformer is affected by security vulnerabilities
Summary: Vulnerabilities in IBM® Java™ Version 8 that is consumed by IBM Cognos Transformer have been addressed. Please refer to the table in the Related Information section for vulnerability impact. Vulnerability Details: CVEID: CVE-2024-20952. DESCRIPTION: An unspecified vulnerability in Java.....
7.5CVSS
7AI Score
0.001EPSS
CVE-2024-38528 Unlimited number of NTS-KE connections can crash ntpd-rs server
ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such...
7.5CVSS
0.0004EPSS
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: ...
5.9CVSS
0.0005EPSS
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: ...
5.9CVSS
5.6AI Score
0.0005EPSS
Summary: Vulnerabilities in Curl could allow a remote attacker to bypass security restrictions (CVE-2024-2466, CVE-2024-2004, CVE-2024-2379) or cause a denial of service (CVE-2024-2398). PowerSC uses Curl as part of PowerSC Trusted Network Connect (TNC). Vulnerability Details: CVEID:...
7.5AI Score
0.0004EPSS
Code Execution on Git update in github.com/hashicorp/go-getter
A crafted request can execute Git update on an existing maliciously modified Git Configuration. This can potentially lead to arbitrary code execution. When performing a Git operation, the library will try to clone the given repository to a specified destination. Cloning initializes a git config in....
8.4CVSS
8.5AI Score
0.0004EPSS
CVE-2024-35116 IBM MQ denial of service
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes. IBM X-Force ID: ...
5.9CVSS
0.0005EPSS
Exploit for SQL Injection in Progress Moveit Cloud
CVE-2023-34362: MOVEit Transfer Unauthenticated RCE For a...
9.8CVSS
7.3AI Score
0.969EPSS
Exploit for SQL Injection in Progress Moveit Cloud
CVE-2023-34362: MOVEit Transfer Unauthenticated RCE For a...
9.8CVSS
9.8AI Score
0.969EPSS
Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data
The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has...
7.8CVSS
7.5AI Score
0.974EPSS
TEMU sued for being “dangerous malware” by Arkansas Attorney General
Chinese online shopping giant Temu is facing a lawsuit filed by State of Arkansas Attorney General Tim Griffin, alleging that the retailer's mobile app spies on users. “Temu purports to be an online shopping platform, but it is dangerous malware, surreptitiously granting itself access to...
7.5AI Score
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: ...
6.2CVSS
6AI Score
0.0004EPSS
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: ...
6.2CVSS
0.0004EPSS
CVE-2024-35137 IBM Security Access Manager Docker information disclosure
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: ...
6.2CVSS
0.0004EPSS
Security Bulletin: Vulnerability in tqdm affects IBM Process Mining CVE-2024-34062
Summary: There is a vulnerability in tqdm that could allow a local authenticated attacker to execute arbitrary code on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details: CVEID:...
4.8CVSS
5.9AI Score
0.0004EPSS