CVEs Published
What's new in SecDB 24.8
2024-08-12 This new version of SecDB brings new features and improvements. Added CVSS v4.0 support: Last November 2023, the final specifications for CVSS v4.0 were released by FIRST and organizations and vendors began adopting the new standard for determining vulnerability severity. In late June 2024, NIST...
CWE 4.14 is available
2024-03-01 MITRE has released version 4.14 of the Common Weakness Enumeration (CWE) with a new weakness for "Hardware Micro Architectures", a view for "ISA/IEC 62443 Requirements", and new demonstrative examples from "HACK@DAC". Changes in 4.14: New Weaknesses: CWE-1420: Exposure of Sensitive Information du...
What's new in SecDB 24.2
2024-02-29 This new version of SecDB brings new features and improvements. Polished UI, improved support for EPSS, Web & Social references (from Reddit and Mastodon) in CVEs, new Security Advisories and sections (NASL & NVT and Packages), and much more. Improved the EPSS (Exploit Prediction Scoring System) s...
- What's new in SecDB 22.11 - EPSS, Packages & Software, new Security Advisory feeds... and more! (2022-11-30)
- 2022 CWE Top 25 Most Dangerous Software Weaknesses (2022-06-28)
- CISA Adds 34 Known Exploited Vulnerabilities to Catalog (2022-05-25)
- CISA Adds 20 Known Exploited Vulnerabilities to Catalog (2022-05-24)
- CSIRT Publish 71 known vulnerabilities based on evidence of active exploitation (2022-05-12)
- Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228) (2021-12-13)
USN-7022-3
2024-10-10 Linux kernel vulnerabilities
USN-7060-1
2024-10-10 EDK II vulnerabilities
FEDORA-2024-7ee01adadc
2024-10-10 Fedora 40: koji
FEDORA-2024-051cf1553e
2024-10-10 Fedora 40: xen
FEDORA-2024-020dbf247c
2024-10-10 Fedora 39: xen
FEDORA-2024-d85494e836
2024-10-10 Fedora 41: firefox
FEDORA-2024-92d80d7f9a
2024-10-10 high
Fedora 41: webkit2gtk4.0
FEDORA-2024-a5d6cd9f0a
2024-10-10 medium
Fedora 41: unbound
FEDORA-2024-60809cb44e
2024-10-10 Fedora 41: xen
SSA:2024-283-01
2024-10-09 mozilla-firefox
CVE-2024-8264
2024-10-09 CVSS3 5.5 CWE-532
Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent...
CVE-2024-9463
2024-10-09 CVSS4 9.9 CWE-78
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitra...
CVE-2024-9464
2024-10-09 CVSS4 9.3 CWE-78
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary...
CVE-2024-9465
2024-10-09 CVSS4 9.2 CWE-89
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition ...
CVE-2024-9466
2024-10-09 CVSS4 8.2 CWE-532
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated atta...
CVE-2024-9467
2024-10-09 CVSS4 7 CWE-79
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context ...
CVE-2024-48933
2024-10-09
A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.19.3 allows remote attackers to inject arbitrary we...
CVE-2023-45359
2024-10-09 CVSS3 6.5 CWE-116
An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-toc-to...
CVE-2023-37154
2024-10-09 CVSS3 8.4 CWE-77
check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and Permi...
CVE-2024-47191
2024-10-09 CVSS3 7.1 CWE-22
pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context ...