Exploit for SQL Injection in Microsoft
nate158 https://t.me/Nate158digimon gcloud compute addresses...
0.4AI Score
F5 Networks BIG-IP Edge Client Component Installer Installed (Windows)
Detects F5 Networks BIG-IP Edge Client Component Installer on the remote Windows...
1.5AI Score
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxs_getExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract...
8.5CVSS
8.2AI Score
0.001EPSS
Palo Alto Networks PAN-OS Firewall/Panorama Web UI Detection
The web interface for Palo Alto Networks PAN-OS firewall or Panorama was detected on the remote host. Panorama is a centralized management solution used for Palo Alto Networks...
1.2AI Score
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (dockerd), which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which.....
8.7CVSS
7.5AI Score
0.003EPSS
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxs_getExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract...
8.5CVSS
6.3AI Score
0.001EPSS
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP_USER_AGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers....
6.1CVSS
6.2AI Score
0.0004EPSS
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP_USER_AGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers....
6.1CVSS
6.1AI Score
0.0004EPSS
F5 Networks BIG-IP : XML vulnerability (K03244804)
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD. (CVE-2017-9233) Impact BIG-IP Administrative interfaces, such as iControl SOAP, are...
7.5CVSS
8.6AI Score
0.003EPSS
VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC This is my...
7.8CVSS
8.2AI Score
0.192EPSS
7.4AI Score
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP_USER_AGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers....
6.1CVSS
6.2AI Score
0.0004EPSS
DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or...
7.5CVSS
7.5AI Score
0.024EPSS
VMware Aria Operations for Networks Authentication Bypass (CVE-2023-34039) (Direct Check)
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks...
9.8CVSS
7.5AI Score
0.945EPSS
F5 Networks BIG-IP : BIG-IP AFM vulnerability (K000137521)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137521 advisory. When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed...
7.5CVSS
7.7AI Score
0.0004EPSS
7.4AI Score
F5 Networks BIG-IP : libxml2 vulnerability (K000139641)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139641 advisory. In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and...
6.5CVSS
6.6AI Score
0.001EPSS
9.9CVSS
7.2AI Score
0.001EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
Cyberspace Mapping Dork Fofa...
10CVSS
9.9AI Score
0.957EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
Cyberspace Mapping Dork Fofa...
10CVSS
9.9AI Score
0.957EPSS
Exploit for Command Injection in Paloaltonetworks Pan-Os
Cyberspace Mapping Dork Fofa...
10CVSS
7.3AI Score
0.957EPSS
Exploit for Classic Buffer Overflow in Extremenetworks Iq Engine
CVE-2023-35803 - Unauthenticated RCE in Extreme...
9.8CVSS
9.2AI Score
0.002EPSS
[SECURITY] Fedora 40 Update: prometheus-podman-exporter-1.12.0-1.fc40
Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks...
8.3CVSS
8.4AI Score
0.0004EPSS
Nessus was able to obtain version information for an F5 Networks BIG-IP device on the remote host via...
3AI Score
F5 Networks BIG-IP : Appliance mode vulnerability (K46524395)
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. An authenticated attacker with a high privilege level may be able to bypass protections implemented in appliance mode to overwrite...
6.5CVSS
6.5AI Score
0.001EPSS
Nessus was able to obtain version information for an F5 Networks BIG-IQ device on the remote host via an SSH login or by examining HTTP services running on the device. BIG-IQ is a product for managing BIG-IP...
2.8AI Score
Exploit for Cross-site Scripting in Smarty
LabelGrup Networks, official PrestaShop Partner...
6.3AI Score
Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows remote attackers to gain sensitive...
7.5CVSS
7.4AI Score
0.001EPSS
[SECURITY] Fedora 39 Update: prometheus-podman-exporter-1.12.0-1.fc39
Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks...
8.3CVSS
8.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...
7.1AI Score
0.0004EPSS
F5 Networks BIG-IP : Intel BIOS vulnerability (K000137204)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000137204 advisory. Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user...
4.4CVSS
4.5AI Score
0.0004EPSS
perl-Algorithm-Diff perl-Archive-Tar perl-Archive-Zip perl-autodie perl-bignum perl-Carp perl-Compress-Bzip2 perl-Compress-Raw-Bzip2 perl-Compress-Raw-Lzma perl-Compress-Raw-Zlib [2.096-2] - Fix test broken by update in zlib on s390x - Related: RHEL-16371 perl-Config-Perl-V perl-constant...
7.8CVSS
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...
7.1AI Score
0.0004EPSS
[SECURITY] Fedora 40 Update: openvpn-2.6.11-1.fc40
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...
7AI Score
EPSS
F5 Networks BIG-IP : Libexpat vulnerability (K000139525)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139525 advisory. In libexpat through 2.4.9, there is a use-after-free caused by overeager destruction of a shared DTD in ...
7.5CVSS
7.4AI Score
0.004EPSS
F5 Networks BIG-IP : Spectre SWAPGS gadget vulnerability (K31085564)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.5 / 14.1.2.7 / 15.0.1.4 / 15.1.0.5 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K31085564 advisory. An information disclosure vulnerability exists when certain central processing...
5.6CVSS
6.8AI Score
0.001EPSS
F5 Networks BIG-IP : Appliance mode tmsh vulnerability (K87659521)
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems. (CVE-2019-6615) Impact Attackers can gain access to an Advanced Shell (...
4.9CVSS
5.3AI Score
0.001EPSS
F5 Networks BIG-IP : BIG-IP iControl REST API vulnerability (K32544615)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K32544615 advisory. When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the change ...
7.2CVSS
7.2AI Score
0.0004EPSS
Security Advisory 0098. Date: June 25, 2024. Revision 1.0 (June 25, 2024): Initial release. The CVE-ID tracking this issue: CVE-2024-4578. CVSSv3.1 Base Score: 8.4 (CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). Common Weakness Enumeration: CWE-77 Improper...
8.4CVSS
7AI Score
0.0004EPSS
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTTP_USER_AGENT header in all versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers....
6.1CVSS
6.1AI Score
0.0004EPSS
School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting
School Dormitory Management System 1.0 contains an authenticated cross-site scripting vulnerability in admin/inc/navigation.php:126. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based....
6.1CVSS
6.1AI Score
0.001EPSS
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxs_getExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract...
8.5CVSS
8.2AI Score
0.001EPSS
Palo Alto Networks PAN-OS 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.4. It is, therefore, affected by a vulnerability. A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an...
5.3CVSS
5.2AI Score
0.0004EPSS
Netmaker - Hardcoded DNS Secret Key
Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API...
7.5CVSS
7.4AI Score
0.089EPSS
Juniper J-Web - Remote Code Execution
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain environment variables to execute remote...
9.8CVSS
7.7AI Score
0.966EPSS
F5 Networks BIG-IP : Apache HTTPD vulnerability (K000139764)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139764 advisory. Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split...
6.5AI Score
0.0004EPSS
F5 Networks BIG-IP : Python vulnerability (K000139685)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139685 advisory. An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before...
5.3CVSS
7.2AI Score
0.0005EPSS
F5 Networks BIG-IP : BIG-IP Resource Administrator vulnerability (K38941195)
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files (such as /etc/passwd) using SFTP to modify user permissions, without Advanced Shell access. This is contrary to.....
6.5CVSS
6.4AI Score
0.001EPSS
NodeBB XML-RPC Request xmlrpc.php - XML Injection
A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC...
9.8CVSS
9.9AI Score
0.517EPSS
TIBCO JasperReports Library - Directory Traversal
The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for...
6.5CVSS
6.6AI Score
0.503EPSS