An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication...
0.0004EPSS
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp...
7.2AI Score
0.0005EPSS
An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication...
8.1AI Score
0.0004EPSS
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential.....
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp...
0.0005EPSS
Cisco Firepower Threat Defense Software Encrypted Archive File Policy Bypass Vulnerability
A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a.....
7.3AI Score
0.0004EPSS
An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication...
0.0004EPSS
An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication...
8.3AI Score
0.0004EPSS
Insecure Permissions vulnerability in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted...
0.0004EPSS
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this...
7.1CVSS
6.8AI Score
0.001EPSS
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security allows PHP Remote File Inclusion.This issue affects MelaPress Login Security: from n/a through...
7.2CVSS
5.3AI Score
0.001EPSS
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the...
6.7AI Score
0.0005EPSS
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the...
6.1CVSS
0.0005EPSS
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the...
0.0005EPSS
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the...
6.1CVSS
6.5AI Score
0.0005EPSS
Summary The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. Log Source Management App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details ** CVEID: CVE-2024-28849 DESCRIPTION:...
7.4CVSS
7AI Score
0.0004EPSS
co-free.julius-kuehn.de Cross Site Scripting vulnerability OBB-3870099
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
6.7AI Score
0.0004EPSS
[2.43.5-1] - Update to 2.43.5 - Related: RHEL-36402, RHEL-36414 [2.43.4-1] - Update to 2.43.4 - Resolves: RHEL-36402,...
9CVSS
9.4AI Score
0.002EPSS
[2.43.5-1] - Update to 2.43.5 - Related: RHEL-36399, RHEL-36411 [2.43.4-1] - Update to 2.43.4 - Resolves: RHEL-36399,...
9CVSS
9.4AI Score
0.002EPSS
Security Advisory 0098 _._CSAF PDF Date: June 25, 2024 Revision | Date | Changes ---|---|--- 1.0 | June 25, 2024 | Initial release The CVE-ID tracking this issue: CVE-2024-4578 CVSSv3.1 Base Score: 8.4 (CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) Common Weakness Enumeration: CWE-77 Improper...
8.4CVSS
7AI Score
0.0004EPSS
8.1CVSS
6.7AI Score
0.002EPSS
9CVSS
7AI Score
0.087EPSS
6.7CVSS
6.7AI Score
0.0004EPSS
7.5CVSS
6.7AI Score
0.0004EPSS
6.5AI Score
0.0004EPSS
6.4AI Score
0.0004EPSS
7.5CVSS
6.7AI Score
0.003EPSS
[4.12-2.0.1.1] - Add libreswan-oracle.patch to detect Oracle Linux distro [4.12-2.1] - Fix CVE-2024-3652...
6.6AI Score
0.0004EPSS
[3.11.7-1.1] - Security fix for CVE-2023-6597 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves:...
7.8CVSS
7.8AI Score
0.0004EPSS
6.7AI Score
0.0004EPSS
[3.11.9-1.0.1] - Update rpm-macros description [Orabug: 36024572] [3.11.9-1] - Rebase to 3.11.9 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix expat tests for the latest expat security release Resolves: RHEL-33672,...
7.8CVSS
7.1AI Score
0.0005EPSS
7.8CVSS
8.8AI Score
EPSS
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /protocol/firewall/addaddress_interpret.php. The manipulation of the argument messagecontent leads to sql injection. The exploit has been...
7.5CVSS
7.8AI Score
0.001EPSS
Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...
6.9AI Score
0.0004EPSS
5.9CVSS
7.2AI Score
0.002EPSS
[SECURITY] [DLA 3855-1] pdns-recursor security update
Debian LTS Advisory DLA-3855-1 [email protected] https://www.debian.org/lts/security/ ; Daniel Leidert July 01, 2024 https://wiki.debian.org/LTS Package : pdns-recursor Version : 4.1.11-1+deb10u2 CVE...
7.5CVSS
6.9AI Score
0.006EPSS
6.8AI Score
0.0004EPSS
8.8CVSS
6.7AI Score
0.0004EPSS
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...
7CVSS
6.8AI Score
0.001EPSS
Important: pcp security update
Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....
8.8CVSS
7.1AI Score
0.0004EPSS
New emacs packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/emacs-29.4-i586-1_slack15.0.txz: Upgraded. Emacs 29.4 is an emergency bugfix release intended to fix a security vulnerability: ...
7.6AI Score
[9.27-13] - CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver...
7.8AI Score
EPSS
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: ...
9.8CVSS
9AI Score
0.001EPSS
[3.9.18-3.1] - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33887,...
7.8CVSS
7.8AI Score
0.0005EPSS
A vulnerability classified as problematic was found in WEKA INTEREST Security Scanner up to 1.8. Affected by this vulnerability is the Stresstest Configuration Handler. A manipulation leads to a local denial of service. The exploit has been disclosed to the public and may be used. NOTE: This...
5.5CVSS
5.3AI Score
0.0004EPSS
In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service (DoS). The malformed investigation prevents the generation and rendering of the Investigations manager until it is deleted.The vulnerability requires an...
6.5CVSS
6.3AI Score
0.0004EPSS
[115.12.1-1.0.1] - Add Oracle prefs [115.12.1] - Add OpenELA debranding [115.12.1-1] - Update to 115.12.1 build1 [115.12.0-2] - Update to 115.12.0 build2 [115.12.0-1] - Update to 115.12.0...
6.9AI Score
0.0004EPSS
[115.12.1-1.0.1] - Add Oracle prefs file [115.12.1] - Add OpenELA debranding [115.12.1-1] - Update to 115.12.1 build1 [115.12.0-2] - Update to 115.12.0 build2 [115.12.0-1] - Update to 115.12.0...
6.9AI Score
0.0004EPSS
[9.54.0-16] - RHEL-39110 fix regression discovered in OPVP device [9.54.0-15] - RHEL-39110 CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver...
7.7AI Score
EPSS