CVE-2023-52644 wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS is...
7.2AI Score
0.0004EPSS
CVE-2024-26743 RDMA/qedr: Fix qedr_create_user_qp error flow
In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedr_create_user_qp error flow Avoid the following warning by making sure to free the allocated resources in case that qedr_init_user_queue() fail. -----------[ cut here ]----------- WARNING: CPU: 0 PID: 143192 at...
6.7AI Score
0.0004EPSS
WordPress EasyCart <2.0.6 - Information Disclosure
WordPress EasyCart plugin before 2.0.6 contains an information disclosure vulnerability. An attacker can obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo...
6AI Score
0.028EPSS
A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential...
7.1AI Score
0.0004EPSS
MyBB is a free and open source forum software. The default list of disallowed remote hosts does not contain the 127.0.0.0/8 block, which may result in a Server-Side Request Forgery (SSRF) vulnerability. The Configuration File's Disallowed Remote Addresses list...
5CVSS
5.3AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Insert Manager (Q2W3 Inc Manager): from n/a through...
5.8CVSS
5.8AI Score
0.0004EPSS
The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdp_add_new_datepicker_ajax() function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access...
8.8CVSS
8.4AI Score
0.001EPSS
Memory corruption when multiple listeners are being registered with the same file...
6.7CVSS
7.1AI Score
0.0004EPSS
8.4CVSS
7.1AI Score
0.001EPSS
8.4CVSS
7.2AI Score
0.001EPSS
6.8CVSS
6.7AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being cached but the...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated priv.runtime_map is only allocated when efi_novamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...
7AI Score
0.0004EPSS
CVE-2023-52648 drm/vmwgfx: Unmap the surface before resetting it on a plane state
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being cached but the...
6.6AI Score
0.0004EPSS
7.4AI Score
7.4AI Score
WordPress Mail Masta 1.0 - Local File Inclusion
WordPress Mail Masta 1.0 is susceptible to local file inclusion in count_of_send.php and...
7.5CVSS
7.4AI Score
0.011EPSS
IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.
By Waqas The leaked data was previously being sold by the IntelBroker hacker for just $3,000 in Monero (XMR) cryptocurrency. This is a post from HackRead.com Read the original post: IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity...
7.2AI Score
7.4AI Score
8.5AI Score
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being cached but the...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_alloc() accesses the.....
7.3AI Score
0.0004EPSS
playSMS <1.4.3 - Remote Code Execution
PlaySMS before version 1.4.3 is susceptible to remote code execution because it double processes a server-side...
9.8CVSS
9.7AI Score
0.958EPSS
In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() For avoiding to slow down queue destroy, we don't call blk_mq_quiesce_queue() in blk_cleanup_queue(), instead of delaying to cancel dispatch work in.....
6.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being cached but the...
6.4AI Score
0.0004EPSS
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-059)
The version of kernel installed on the remote host is prior to 5.4.268-181.368. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-059 advisory. 2024-06-06: CVE-2023-52698 was added to this advisory. 2024-06-06: CVE-2023-52464 was added to this...
7.8CVSS
7.8AI Score
0.001EPSS
FreeBSD : ISC KEA -- Multiple vulnerabilities (20b92374-d62a-11e9-af73-001b217e4ee5)
Internet Systems Consortium, Inc. reports : A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate (CVE-2019-6472) [Medium] An invalid hostname option can cause the kea-dhcp4 server to terminate (CVE-2019-6473) [Medium] An oversight when validating incoming client...
6.5CVSS
6.3AI Score
0.002EPSS
JVN#60331535: WordPress plugin "SiteGuard WP Plugin" may leak the customized path to the login page
WordPress plugin "SiteGuard WP Plugin" provided by EG Secure Solutions Inc. provides a functionality to customize the path to the login page wp-login.php. The plugin implements a measure to avoid redirection from other URLs, but missed to implement a measure to avoid redirection from...
6.6AI Score
0.001EPSS
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the ./inc/kiosks.inc...
7AI Score
0.0004EPSS
RHEL 5 : ghostscript (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ghostscript: /invalidaccess bypass after failed restore (699654) (CVE-2018-16509) ghostscript: Safer...
9.6AI Score
0.973EPSS
7.4AI Score
7.4AI Score
7.4AI Score
7.4AI Score
Gentoo Security Advisory GLSA 201201-19 (acroread)
The remote host is missing updates announced in advisory GLSA...
9.8CVSS
9.1AI Score
0.969EPSS
Gentoo Security Advisory GLSA 201101-09 (adobe-flash)
The remote host is missing updates announced in advisory GLSA...
7.8CVSS
8.1AI Score
0.969EPSS
Gentoo Security Advisory GLSA 201101-08 (acroread)
The remote host is missing updates announced in advisory GLSA...
7.3CVSS
8AI Score
0.969EPSS
RedHat Security Advisory RHSA-2009:1188
The remote host is missing updates announced in advisory RHSA-2009:1188. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these...
7.8CVSS
8.2AI Score
0.559EPSS
RedHat Security Advisory RHSA-2009:1189
The remote host is missing updates announced in advisory RHSA-2009:1189. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these...
7.8CVSS
8.2AI Score
0.559EPSS
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-036)
The version of kernel installed on the remote host is prior to 5.15.148-97.158. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-036 advisory. 2024-06-06: CVE-2023-52698 was added to this advisory. 2024-05-09: CVE-2024-26586 was added to this...
7.8CVSS
7.9AI Score
0.001EPSS
About the security content of macOS Ventura 13.6.7
About the security content of macOS Ventura 13.6.7 This document describes the security content of macOS Ventura 13.6.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
7.8CVSS
8.1AI Score
0.002EPSS
The remote host is missing an update to the system as announced in the referenced...
9.8CVSS
9AI Score
0.969EPSS
Debian Security Advisory DSA 105-1 (enscript)
The remote host is missing an update to enscript announced via advisory DSA...
6.7AI Score
0.0004EPSS
FreeBSD Ports: linux-flashplugin
The remote host is missing an update to the system as announced in the referenced...
7.8CVSS
8.2AI Score
0.873EPSS
Gentoo Security Advisory GLSA 200908-04 (adobe-flash acroread)
The remote host is missing updates announced in advisory GLSA...
7.8CVSS
7.8AI Score
0.559EPSS
FreeBSD Ports: linux-flashplugin
The remote host is missing an update to the system as announced in the referenced...
7.8CVSS
7.8AI Score
0.972EPSS
Gentoo Security Advisory GLSA 201006-18 (sun-jre-bin sun-jdk emul-linux-x86-java)
The remote host is missing updates announced in advisory GLSA...
9.8CVSS
8.2AI Score
0.97EPSS
Gentoo Security Advisory GLSA 201009-05 (acroread)
The remote host is missing updates announced in advisory GLSA...
8.8CVSS
8.5AI Score
0.975EPSS
Gentoo Security Advisory GLSA 200803-01 (acroread)
The remote host is missing updates announced in advisory GLSA...
9.8CVSS
8.8AI Score
0.972EPSS
7.4AI Score