CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system...
7.2CVSS
7.2AI Score
0.001EPSS
"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this...
0.0004EPSS
CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system...
7.2CVSS
0.001EPSS
CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the...
4.9CVSS
0.0005EPSS
CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the...
4.9CVSS
5.3AI Score
0.0005EPSS
Summary DB2 JDBC driver is shipped with IBM Tivoli Netcool Impact as part of the db2 data source adapter. Information about security vulnerabilities affecting DB2 JDBC driver has been published in a security bulletin. Vulnerability Details ** CVEID: CVE-2023-47152 DESCRIPTION: **IBM Db2 for...
7.5CVSS
6.2AI Score
0.001EPSS
Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....
5.3CVSS
5.2AI Score
0.0004EPSS
Summary Apache Camel is shipped with IBM Tivoli Netcool Impact as part of the data provider interface in the GUI server. Information about a security vulnerability affecting Apache ActiveMQ has been published in a security bulletin. Vulnerability Details ** CVEID: CVE-2024-22371 DESCRIPTION:...
2.9CVSS
6.1AI Score
0.0004EPSS
CVE-2024-3123 CHANGING Mobile One Time Password - Arbitrary File Upload
CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system...
7.2CVSS
0.001EPSS
CVE-2024-3122 CHANGING Mobile One Time Password - Arbitrary File Reading
CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the...
4.9CVSS
0.0005EPSS
CVE-2024-3122 CHANGING Mobile One Time Password - Arbitrary File Reading
CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the...
4.9CVSS
7.1AI Score
0.0005EPSS
"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this...
0.0004EPSS
[SECURITY] [DLA 3855-1] pdns-recursor security update
Debian LTS Advisory DLA-3855-1 [email protected] https://www.debian.org/lts/security/ ; Daniel Leidert July 01, 2024 https://wiki.debian.org/LTS Package : pdns-recursor Version : 4.1.11-1+deb10u2 CVE...
7.5CVSS
6.9AI Score
0.006EPSS
A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=save_medicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has....
6.3CVSS
0.0004EPSS
A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=save_medicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has....
6.3CVSS
7AI Score
0.0004EPSS
5.3CVSS
5.5AI Score
0.001EPSS
5.3CVSS
5.5AI Score
0.001EPSS
8.5CVSS
7.1AI Score
0.005EPSS
6.7AI Score
0.0004EPSS
7.5CVSS
7.1AI Score
0.001EPSS
8.8CVSS
7.4AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1850)
The remote host is missing an update for the Huawei...
7.5CVSS
8.1AI Score
0.05EPSS
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1865)
The remote host is missing an update for the Huawei...
7.5CVSS
8.1AI Score
0.05EPSS
Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1874)
The remote host is missing an update for the Huawei...
6.8AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1877)
The remote host is missing an update for the Huawei...
8CVSS
8.1AI Score
0.05EPSS
6.7AI Score
0.0004EPSS
4.7CVSS
7.1AI Score
0.0004EPSS
8.1CVSS
8.2AI Score
0.0004EPSS
8.2AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1867)
The remote host is missing an update for the Huawei...
6.3CVSS
6.5AI Score
0.0004EPSS
6.7AI Score
0.0004EPSS
7.5CVSS
7.1AI Score
0.006EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
4.4CVSS
7.1AI Score
0.0004EPSS
5.3CVSS
7.1AI Score
0.0004EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
7.5AI Score
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1861)
The remote host is missing an update for the Huawei...
7.8CVSS
7.9AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1856)
The remote host is missing an update for the Huawei...
7.4AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for iSulad (EulerOS-SA-2024-1858)
The remote host is missing an update for the Huawei...
7CVSS
7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for iSulad (EulerOS-SA-2024-1872)
The remote host is missing an update for the Huawei...
7CVSS
7AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1859)
The remote host is missing an update for the Huawei...
8CVSS
8.2AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1854)
The remote host is missing an update for the Huawei...
5.5CVSS
5.7AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1871)
The remote host is missing an update for the Huawei...
5.5CVSS
5.7AI Score
0.0005EPSS
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1863)
The remote host is missing an update for the Huawei...
8CVSS
8.1AI Score
0.05EPSS
SDL_ttf: Arbitrary Memory Write
Background SDL_ttf is a wrapper around the FreeType and Harfbuzz libraries, allowing you to use TrueType fonts to render text in SDL applications. Description A vulnerability has been discovered in SDL_ttf. Please review the CVE identifier referenced below for details. Impact SDL_ttf was...
7.8CVSS
7.4AI Score
0.001EPSS
OpenSSH -- Race condition resulting in potential remote code execution
The OpenSSH project reports: A race condition in sshd(8) could allow remote code execution as root on non-OpenBSD...
8.1CVSS
8.5AI Score
EPSS
Important Photon OS Security Update - PHSA-2024-5.0-0307
Updates of ['openssh'] packages of Photon OS have been...
9.8CVSS
10AI Score
EPSS
phpok 6.4.003 contains a Cross Site Scripting (XSS) vulnerability in the ok_f() method under the framework/api/upload_control.php...
EPSS
7.5AI Score