7.4AI Score
7.4AI Score
WordPress Mail Masta 1.0 - Local File Inclusion
WordPress Mail Masta 1.0 is susceptible to local file inclusion in count_of_send.php and...
7.5CVSS
7.4AI Score
0.011EPSS
7.4AI Score
IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.
By Waqas The leaked data was previously being sold by the IntelBroker hacker for just $3,000 in Monero (XMR) cryptocurrency. This is a post from HackRead.com Read the original post: IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity...
7.2AI Score
8.5AI Score
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being cached but the...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() The voice allocator sometimes begins allocating from near the end of the array and then wraps around, however snd_emu10k1_pcm_channel_alloc() accesses the.....
7.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being cached but the...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() For avoiding to slow down queue destroy, we don't call blk_mq_quiesce_queue() in blk_cleanup_queue(), instead of delaying to cancel dispatch work in.....
6.3AI Score
0.0004EPSS
playSMS <1.4.3 - Remote Code Execution
PlaySMS before version 1.4.3 is susceptible to remote code execution because it double processes a server-side...
9.8CVSS
9.7AI Score
0.958EPSS
FreeBSD : ISC KEA -- Multiple vulnerabilities (20b92374-d62a-11e9-af73-001b217e4ee5)
Internet Systems Consortium, Inc. reports : A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate (CVE-2019-6472) [Medium] An invalid hostname option can cause the kea-dhcp4 server to terminate (CVE-2019-6473) [Medium] An oversight when validating incoming client...
6.5CVSS
6.3AI Score
0.002EPSS
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-059)
The version of kernel installed on the remote host is prior to 5.4.268-181.368. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-059 advisory. 2024-06-06: CVE-2023-52698 was added to this advisory. 2024-06-06: CVE-2023-52464 was added to this...
7.8CVSS
7.8AI Score
0.001EPSS
JVN#60331535: WordPress plugin "SiteGuard WP Plugin" may leak the customized path to the login page
WordPress plugin "SiteGuard WP Plugin" provided by EG Secure Solutions Inc. provides a functionality to customize the path to the login page wp-login.php. The plugin implements a measure to avoid redirection from other URLs, but missed to implement a measure to avoid redirection from...
6.6AI Score
0.001EPSS
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the ./inc/kiosks.inc...
7AI Score
0.0004EPSS
RHEL 5 : ghostscript (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ghostscript: /invalidaccess bypass after failed restore (699654) (CVE-2018-16509) ghostscript: Safer...
9.6AI Score
0.973EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Premium Packages allows Reflected XSS.This issue affects Premium Packages: from n/a through...
7.1CVSS
9.3AI Score
0.0004EPSS
7.4AI Score
7.4AI Score
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Premium Packages allows Reflected XSS.This issue affects Premium Packages: from n/a through...
7.1CVSS
6.9AI Score
0.0004EPSS
CVE-2024-29924 WordPress Premium Packages plugin <= 5.8.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Premium Packages allows Reflected XSS.This issue affects Premium Packages: from n/a through...
7.1CVSS
7.1AI Score
0.0004EPSS
7.4AI Score
7.4AI Score
About the security content of macOS Ventura 13.6.7
About the security content of macOS Ventura 13.6.7 This document describes the security content of macOS Ventura 13.6.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
7.8CVSS
8.1AI Score
0.002EPSS
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-036)
The version of kernel installed on the remote host is prior to 5.15.148-97.158. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2024-036 advisory. 2024-06-06: CVE-2023-52698 was added to this advisory. 2024-05-09: CVE-2024-26586 was added to this...
7.8CVSS
7.9AI Score
0.001EPSS
Gentoo Security Advisory GLSA 201201-19 (acroread)
The remote host is missing updates announced in advisory GLSA...
9.8CVSS
9.1AI Score
0.969EPSS
Gentoo Security Advisory GLSA 201101-09 (adobe-flash)
The remote host is missing updates announced in advisory GLSA...
7.8CVSS
8.1AI Score
0.969EPSS
Gentoo Security Advisory GLSA 201101-08 (acroread)
The remote host is missing updates announced in advisory GLSA...
7.3CVSS
8AI Score
0.969EPSS
RedHat Security Advisory RHSA-2009:1188
The remote host is missing updates announced in advisory RHSA-2009:1188. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these...
7.8CVSS
8.2AI Score
0.559EPSS
RedHat Security Advisory RHSA-2009:1189
The remote host is missing updates announced in advisory RHSA-2009:1189. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these...
7.8CVSS
8.2AI Score
0.559EPSS
The remote host is missing an update to the system as announced in the referenced...
9.8CVSS
9AI Score
0.969EPSS
Debian Security Advisory DSA 105-1 (enscript)
The remote host is missing an update to enscript announced via advisory DSA...
6.7AI Score
0.0004EPSS
FreeBSD Ports: linux-flashplugin
The remote host is missing an update to the system as announced in the referenced...
7.8CVSS
7.8AI Score
0.972EPSS
Gentoo Security Advisory GLSA 201006-18 (sun-jre-bin sun-jdk emul-linux-x86-java)
The remote host is missing updates announced in advisory GLSA...
9.8CVSS
8.2AI Score
0.97EPSS
Gentoo Security Advisory GLSA 201009-05 (acroread)
The remote host is missing updates announced in advisory GLSA...
8.8CVSS
8.5AI Score
0.975EPSS
Gentoo Security Advisory GLSA 200803-01 (acroread)
The remote host is missing updates announced in advisory GLSA...
9.8CVSS
8.8AI Score
0.972EPSS
FreeBSD Ports: linux-flashplugin
The remote host is missing an update to the system as announced in the referenced...
7.8CVSS
8.2AI Score
0.873EPSS
Gentoo Security Advisory GLSA 200908-04 (adobe-flash acroread)
The remote host is missing updates announced in advisory GLSA...
7.8CVSS
7.8AI Score
0.559EPSS
7.4AI Score
Debian Security Advisory DSA 279-1 (metrics)
The remote host is missing an update to metrics announced via advisory DSA...
6.6AI Score
0.0004EPSS
Debian Security Advisory DSA 296-1 (kdebase)
The remote host is missing an update to kdebase announced via advisory DSA...
6.4AI Score
0.082EPSS
This plugin attempts to determine the presence of various common dirs on the remote web...
9.9CVSS
8.1AI Score
0.975EPSS
Debian Security Advisory DSA 063-1 (xinetd)
The remote host is missing an update to xinetd announced via advisory DSA...
6.6AI Score
0.319EPSS
Debian Security Advisory DSA 090-1 (xtel)
The remote host is missing an update to xtel announced via advisory DSA...
7.4AI Score
RHEL 6 : ghostscript (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ghostscript: Safer mode bypass by .forceput exposure in setsystemparams (701443) (CVE-2019-14813) ...
9.8AI Score
0.017EPSS
Debian Security Advisory DSA 284-1 (kdegraphics)
The remote host is missing an update to kdegraphics announced via advisory DSA...
6.4AI Score
0.082EPSS
Debian Security Advisory DSA 608-1 (zgv)
The remote host is missing an update to zgv announced via advisory DSA...
6.4AI Score
0.12EPSS
Debian Security Advisory DSA 231-1 (dhcp3)
The remote host is missing an update to dhcp3 announced via advisory DSA...
6.5AI Score
0.135EPSS
Debian Security Advisory DSA 293-1 (kdelibs)
The remote host is missing an update to kdelibs announced via advisory DSA...
6.4AI Score
0.082EPSS
Debian Security Advisory DSA 026-1 (bind)
The remote host is missing an update to bind announced via advisory DSA...
6.5AI Score
0.189EPSS