2024-06 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5039214)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
7.2 AI Score
2024-06 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5039225)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
7.2 AI Score
2024-06 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5039225)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
7.2 AI Score
2024-06 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5039211)
ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...
7.2 AI Score
2024-06 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5039214)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
7.2 AI Score
2024-06 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5039214)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
7.2 AI Score
2024-06 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5039211)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your...
7.1 AI Score
2024-06 Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5039211)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your...
7.1 AI Score
2024-06 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5039211)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your...
7.1 AI Score
2024-06 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5039211)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your...
7.1 AI Score
2024-06 Dynamic Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5039211)
ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...
7.2 AI Score
2024-06 Dynamic Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5039211)
ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...
7.2 AI Score
2024-06 Dynamic Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5039211)
ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...
7.2 AI Score
2024-06 Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5039211)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your...
7.1 AI Score
2024-06 Dynamic Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5039211)
ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...
7.2 AI Score
2024-06 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5039217)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
7.2 AI Score
2024-06 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5039211)
Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your...
7.1 AI Score
2024-06 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5039217)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
7.2 AI Score
2024-06 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5039217)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article.....
7.2 AI Score
Missing Authorization vulnerability in Contact List PRO Contact List – Easy Business Directory, Staff Directory and Address Book Plugin. This issue affects Contact List – Easy Business Directory, Staff Directory and Address Book Plugin: from n/a through...
5.3 CVSS
0.0004 EPSS
Missing Authorization vulnerability in Contact List PRO Contact List – Easy Business Directory, Staff Directory and Address Book Plugin. This issue affects Contact List – Easy Business Directory, Staff Directory and Address Book Plugin: from n/a through...
5.3 CVSS
5.3 AI Score
0.0004 EPSS
CVE-2024-34821 WordPress Contact List plugin <= 2.9.87 - Broken Access Control vulnerability
Missing Authorization vulnerability in Contact List PRO Contact List – Easy Business Directory, Staff Directory and Address Book Plugin. This issue affects Contact List – Easy Business Directory, Staff Directory and Address Book Plugin: from n/a through...
5.3 CVSS
0.0004 EPSS
CVE-2024-34821 WordPress Contact List plugin <= 2.9.87 - Broken Access Control vulnerability
Missing Authorization vulnerability in Contact List PRO Contact List – Easy Business Directory, Staff Directory and Address Book Plugin. This issue affects Contact List – Easy Business Directory, Staff Directory and Address Book Plugin: from n/a through...
5.3 CVSS
7.2 AI Score
0.0004 EPSS
CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U
On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting their Serv-U file transfer server, which comes in two editions (Serv-U FTP and Serv-U MFT). Successful exploitation of the vulnerability allows unauthenticated attackers to read...
8.6 CVSS
7.8 AI Score
0.343 EPSS
A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update...
3.3 CVSS
6.6 AI Score
0.0004 EPSS
A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update...
3.3 CVSS
0.0004 EPSS
A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update...
3.3 CVSS
6.8 AI Score
0.0004 EPSS
A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected component creates temporary download files in a directory with insecure permissions. This could allow any authenticated attacker on Windows to disrupt the update...
3.3 CVSS
0.0004 EPSS
SecurEnvoy Two Factor Authentication - LDAP Injection
Multiple LDAP injection vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...
7.5 CVSS
7.6 AI Score
0.013 EPSS
QR code SQL injection and other vulnerabilities in a popular biometric terminal
Biometric scanners offer a unique way to resolve the conflict between security and usability. They help to identify a person by their unique biological characteristics – a fairly reliable process that does not require the user to exert any extra effort. Yet, biometric scanners, as any other tech,.....
10 CVSS
9 AI Score
0.0004 EPSS
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.2 via the wp-content/uploads/advanced-cf7-upload directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via this....
5.3 CVSS
0.0005 EPSS
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.2 via the wp-content/uploads/advanced-cf7-upload directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via this....
5.3 CVSS
5.2 AI Score
0.0005 EPSS
CVE-2024-3723 Advanced Contact form 7 DB <= 2.0.2 - Sensitive Information Exposure
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.2 via the wp-content/uploads/advanced-cf7-upload directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via this....
5.3 CVSS
0.0005 EPSS
FileOrganizer < 1.0.8 - Sensitive Information Exposure via Directory Listing
Description The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizer_ajax_handler' function. This makes it possible for unauthenticated attackers to extract...
7.5 CVSS
6.6 AI Score
0.001 EPSS
ARMember < 4.0.28 - Directory Traversal via X-FILENAME
Description The ARMember plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.0.27 via the 'X-FILENAME' HTTP header. This makes it possible for unauthenticated attackers to upload and overwrite certain files (e.g., CSS) to directories outside the...
7.1 AI Score
Important: 389-ds-base security update
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): 389-ds-base: potential denial of service via specially crafted kerberos...
7.5 CVSS
6.8 AI Score
0.0004 EPSS
Important: 389-ds-base security update
389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): 389-ds-base: potential denial of service via specially crafted kerberos...
7.5 CVSS
6.9 AI Score
0.0004 EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.21 (SUSE-SU-2024:1969-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1969-1 advisory. go1.21.11 release (bsc#1212475). - CVE-2024-24789: Fixed mishandling of corrupt central...
9.8 CVSS
8.1 AI Score
0.001 EPSS
Advanced Contact form 7 DB <= 2.0.2 - Sensitive Information Exposure
Description The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.2 via the wp-content/uploads/advanced-cf7-upload directory. This makes it possible for unauthenticated attackers to extract sensitive data...
5.3 CVSS
6.7 AI Score
0.0005 EPSS
7.8 CVSS
7 AI Score
0.44 EPSS
Description The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary...
8.8 CVSS
6.6 AI Score
0.001 EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.22 (SUSE-SU-2024:1970-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1970-1 advisory. go1.21.11 release (bsc#1212475). - CVE-2024-24789: Fixed mishandling of corrupt central...
9.8 CVSS
8.1 AI Score
0.001 EPSS
Qi Addons For Elementor < 1.7.3 - Authenticated (Contributor+) Local File Inclusion
Description The Qi Addons For Elementor plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 1.7.2 via the 'behavior' attributes found in the qi_addons_for_elementor_blog_list shortcode. This makes it possible for authenticated attackers, with...
7.5 CVSS
7.2 AI Score
0.001 EPSS
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with an LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of...
7.5 CVSS
7.6 AI Score
0.0004 EPSS
Security Bulletin: Updating Java in Identity Insight 9.0.0.1 for security update
Summary Identity Insight customers are advised to update OpenJDK 8 to version 8.0.412 for the security update in Java. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) | Version(s) ---|--- IBM...
7.5 CVSS
6.8 AI Score
EPSS
Security Bulletin: Updating Java in Identity Insight 10.0.0.0 for security update
Summary Identity Insight customers are advised to update OpenJDK 17 to version 17.0.11.0 for the security update in Java. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) | Version(s) ---|--- IBM...
7.5 CVSS
6.8 AI Score
EPSS
Multiple LDAP injection vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...
7.5 CVSS
0.013 EPSS
Multiple LDAP injection vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...
7.5 CVSS
7.7 AI Score
0.013 EPSS
Docker CLI leaks private registry credentials to registry-1.docker.io
Impact A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file (typically ~/.docker/config.json) listing a credsStore or credHelpers that could not be executed would result in any provided credentials being sent to...
7.5 CVSS
6.4 AI Score
0.001 EPSS
Docker CLI leaks private registry credentials to registry-1.docker.io
Impact A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file (typically ~/.docker/config.json) listing a credsStore or credHelpers that could not be executed would result in any provided credentials being sent to...
7.5 CVSS
6.4 AI Score
0.001 EPSS