NAME__________GLPI cross-site scriptingPlatforms Affected:GLPI GLPI 9.4.0 GLPI GLPI 10.0.7Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GLPI is vulnerable to cross-site scripting, caused by improper...
NAME__________Outline cross-site scriptingPlatforms Affected:outline outline 0.70.0Risk Level:6.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Outlin is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
NAME__________Tyan S5552 BMC man-in-the-middlePlatforms Affected:Tyan S5552 BMC 3.00Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Tyan S5552 BMC is vulnerable to a man-in-the-middle attack, caused...
NAME__________GLPI information disclosurePlatforms Affected:GLPI GLPI 10.0.7 GLPI GLPI 0.68Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________GLPI could allow a remote authenticated attacker to obtain...
NAME__________AMI MegaRAC SPX weak securityPlatforms Affected:AMI MegaRAC SPX 12 AMI MegaRAC SPX 13Risk Level:7.6Exploitability:UnprovenConsequences:Other DESCRIPTION__________AMI MegaRAC SPX could provide weaker...
NAME__________Sanitize cross-site scriptingPlatforms Affected:Sanitize Sanitize 6.0.1Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Sanitize is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
NAME__________SQLFluff code executionPlatforms Affected:SQLFluff SQLFluff 2.1.1Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________SQLFluff could allow a local authenticated attacker to execute arbitrary code on...
NAME__________Apache Johnzon denial of servicePlatforms Affected:Apache Johnzon 1.2.20Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Apache Johnzon is vulnerable to a denial of service,...
NAME__________IBM Db2 denial of servicePlatforms Affected:IBM DB2 for Linux UNIX and Windows 11.1 IBM DB2 for Linux UNIX and Windows...
NAME__________Apache Camel JIRA information disclosurePlatforms Affected:Apache Camel JIRA 3.0.0 Apache Camel JIRA 3.14.8 Apache Camel JIRA 3.18.0 Apache Camel JIRA...
NAME__________IBM Db2 information disclosurePlatforms Affected:IBM DB2 for Linux UNIX and Windows 10.5 IBM DB2 for Linux UNIX and Windows 11.1...
NAME__________Apache MINA SSHD information disclosurePlatforms Affected:Apache MINA SSHD 2.9.2 Apache MINA SSHD 1.0.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache MINA SSHD could allow...
NAME__________IBM Watson Knowledge Catalog denial of servicePlatforms Affected:IBM Watson Knowledge Catalog on-prem 4.0Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________IBM Watson Knowledge Catalog...
NAME__________Sentry information disclosurePlatforms Affected:Sentry Sentry 23.6.0 Sentry Sentry 23.6.1Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sentry could allow a remote attacker to obtain sensitive...
NAME__________IBM Db2 audit loggingPlatforms Affected:IBM DB2 for Linux UNIX and Windows 10.5 IBM DB2 for Linux UNIX and Windows 11.1...
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1786A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in...
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that...
2023 CWE Top 25 Most Dangerous Software Weaknesses The Homeland Security Systems Engineering and Development Institute, sponsored by the Department...
DoS and DDoS Attacks against Multiple Sectors CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service...
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on June 29, 2023. These...
CISA and NSA Release Joint Guidance on Defending Continuous Integration/Continuous Delivery (CI/CD) Environments Today, CISA, together with the National Security...
CISA Adds Eight Known Exploited Vulnerabilities to Catalog CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
Mozilla Releases Security Advisories for Thunderbird, Firefox, and Firefox ESR Mozilla has released security advisories to address vulnerabilities in Thunderbird,...
