CVE-2024-4547 Delta Electronics DIAEnergie Unauthenticated SQL Injection
A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateScript' message, which is splitted into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth...
9.8CVSS
7.1AI Score
0.0004EPSS
wap-co-nop-sitiowebsc.azurewebsites.net Cross Site Scripting vulnerability OBB-3852309
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF...
6.8AI Score
EPSS
CVE-2024-4547 Delta Electronics DIAEnergie Unauthenticated SQL Injection
A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe processes a 'RecalculateScript' message, which is splitted into 4 fields using the '~' character as the separator. An unauthenticated remote attacker can perform SQLi via the fourth...
9.8CVSS
9.7AI Score
0.0004EPSS
HTTP/2 HPACK integer overflow and buffer allocation
An integer overflow in MetaDataBuilder.checkSize allows for HTTP/2 HPACK header values to exceed their size limit. In MetaDataBuilder.java, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: java 291 public void...
7.5CVSS
7.4AI Score
0.004EPSS
Description The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the stopbadbots_get_ajax_data() function in all versions up to, and including, 10.23. This makes it.....
4.3CVSS
6.4AI Score
0.0004EPSS
Schneider Electric InTouch Machine Edition Detection
The remote host has Schneider Electric InTouch Machine Edition installed. This is an application development and maintenance software for wireless SCADA...
1.1AI Score
Schneider Electric Multiple Products Buffer Overflow
The remote host has Schneider Electric software installed that is affected by a stack-based buffer overflow vulnerability in file 'isObjectModel.dll' of the DTM development kit. This flaw can be exploited by a remote attacker to execute arbitrary...
3.4AI Score
Improper access control vulnerability exists in the resident process of SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows...
6.8AI Score
0.0004EPSS
Schneider Electric InduSoft Web Studio Detection
The remote host is running Schneider Electric InduSoft Web Studio, a software application for managing and monitoring remote SCADA...
0.8AI Score
A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate...
7.4AI Score
EPSS
CVE-2024-4610 Mali GPU Kernel Driver allows improper GPU memory processing operations
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0;...
7AI Score
0.213EPSS
CVE-2024-34033 Path Traversal vulnerability in Delta Electronics DIAEnergie
Delta Electronics DIAEnergie has insufficient input validation which makes it possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be...
8.8CVSS
6.8AI Score
0.0004EPSS
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0;...
5.5CVSS
0.213EPSS
CVE-2024-4610 Mali GPU Kernel Driver allows improper GPU memory processing operations
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0;...
0.213EPSS
python-blivet bug fix and enhancement update
An update is available for python-blivet. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
weldr-client bug fix and enhancement update
An update is available for weldr-client. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
python3.12-pyyaml bug fix and enhancement update
An update is available for python3.12-pyyaml. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky....
6.8AI Score
python3.12-requests bug fix and enhancement update
An update is available for python3.12-requests. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
6.8AI Score
c-ares bug fix and enhancement update
An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10....
6.8AI Score
kexec-tools bug fix and enhancement update
An update is available for kexec-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux....
6.8AI Score
Moderate: podman security and bug fix update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: jose-go: improper handling of highly compressed data (CVE-2024-28180) podman:...
4.9CVSS
7.1AI Score
0.0005EPSS
gtk-vnc bug fix and enhancement update
An update is available for gtk-vnc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
6.8AI Score
python3.12-pip bug fix and enhancement update
An update is available for python3.12-pip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
net-snmp bug fix and enhancement update
An update is available for net-snmp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
6.8AI Score
python-urllib3 bug fix and enhancement update
An update is available for python-urllib3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
Moderate: podman security and bug fix update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: jose-go: improper handling of highly compressed data (CVE-2024-28180) podman:...
4.9CVSS
5.3AI Score
0.0005EPSS
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0;...
Moderate: podman security and bug fix update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: jose-go: improper handling of highly compressed data (CVE-2024-28180) podman:...
4.9CVSS
5.5AI Score
0.0005EPSS
A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate...
7.6AI Score
EPSS
Important: tomcat security and bug fix update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug Fix(es): Rebase tomcat to...
6.6AI Score
0.0004EPSS
rpm-ostree bug fix and enhancement update
An update is available for rpm-ostree. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rpm-ostree tool binds together the RPM packaging model with the...
7.4AI Score
grafana-pcp bug fix and enhancement update
An update is available for grafana-pcp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list grafana-pcp is an open source Grafana plugin for PCP. Bug Fix(es) and...
7.5CVSS
7.7AI Score
0.0005EPSS
ansible-freeipa bug fix and enhancement update
An update is available for ansible-freeipa. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
python3.12-lxml bug fix and enhancement update
An update is available for python3.12-lxml. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
gnome-shell bug fix and enhancement update
An update is available for gnome-shell. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux....
6.8AI Score
python3.12-cffi bug fix and enhancement update
An update is available for python3.12-cffi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
python-pip bug fix and enhancement update
An update is available for python-pip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux.....
6.8AI Score
kernel security, bug fix, and enhancement update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating....
9.8CVSS
7.4AI Score
EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Hosting Pay with Vipps and MobilePay for WooCommerce allows Stored XSS.This issue affects Pay with Vipps and MobilePay for WooCommerce: from n/a through...
6.5CVSS
5.5AI Score
0.0004EPSS
Moderate: buildah security and bug fix update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
4.9CVSS
7.2AI Score
0.0005EPSS
Moderate: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the....
6.2CVSS
6.7AI Score
0.001EPSS
poppler-data bug fix and enhancement update
An update is available for poppler-data. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
go-toolset:rhel8 bug fix and enhancement update
An update is available for delve, module.delve. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
6.8AI Score
python3.11-pip bug fix and enhancement update
An update is available for python3.11-pip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
6.8AI Score
fence-agents security and bug fix update
An update is available for fence-agents. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling.....
6.1CVSS
6.8AI Score
0.001EPSS
smc-tools bug fix and enhancement update
An update is available for smc-tools. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
6.8AI Score
ADP Grant - Intent mismatch between Intent.toUri and Intent.parseUri
In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.4AI Score
0.0004EPSS
Moderate: buildah security and bug fix update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
4.9CVSS
5.5AI Score
0.0005EPSS
Moderate: buildah security and bug fix update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
4.9CVSS
5.4AI Score
0.0005EPSS