PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS
PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5
PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...
2.1AI Score
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ajax_load_more shortcode in versions up to, and including, 7.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,.....
5.9AI Score
footballniagara.com Cross Site Scripting vulnerability OBB-3931954
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Social Profiles widget in all versions up to, and including, 3.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
5.9AI Score
helensdeli.com Cross Site Scripting vulnerability OBB-3931953
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
leblanccontracting.ca Cross Site Scripting vulnerability OBB-3931952
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
webmaster-freelance-paris.fr Cross Site Scripting vulnerability OBB-3931951
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
site-internet-pas-cher.eu Cross Site Scripting vulnerability OBB-3931950
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
lalambresienne.fr Cross Site Scripting vulnerability OBB-3931949
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
outdooractive.com Cross Site Scripting vulnerability OBB-3931948
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
6.3AI Score
0.019EPSS
continentalpancakehouse.com Cross Site Scripting vulnerability OBB-3931947
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
niagarafallsoptimist.ca Cross Site Scripting vulnerability OBB-3931946
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
luposlittleeataly.com Cross Site Scripting vulnerability OBB-3931945
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
queenscoachrestaurant.com Cross Site Scripting vulnerability OBB-3931944
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
svabinsurance.com Cross Site Scripting vulnerability OBB-3931943
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
hoopsalytics.com Cross Site Scripting vulnerability OBB-3931942
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore wiki modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
7.2AI Score
0.0004EPSS
yardmastersniagara.com Cross Site Scripting vulnerability OBB-3931941
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
summerofloveconcert.com Cross Site Scripting vulnerability OBB-3931940
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
italianicecream.ca Cross Site Scripting vulnerability OBB-3931938
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
riverrapidsinn.com Cross Site Scripting vulnerability OBB-3931937
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
greekonportage.com Cross Site Scripting vulnerability OBB-3931936
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
daverotella.com Cross Site Scripting vulnerability OBB-3931935
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
eccdc.org Cross Site Scripting vulnerability OBB-3931934
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
yowdesign.com Cross Site Scripting vulnerability OBB-3931932
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
excelsos.com.ar Cross Site Scripting vulnerability OBB-3931931
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
lcs-engineering.com Cross Site Scripting vulnerability OBB-3931930
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
institutchopin.com Cross Site Scripting vulnerability OBB-3931926
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
New! Insight Agent Support for ARM-based Windows in InsightVM
We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips...
7.1AI Score
Metasploit Weekly Wrap-Up 05/31/2024
Quis dīrumpet ipsos dīrumpēs In this release, we feature a double-double: two exploits each targeting two pieces of software. The first pair is from h00die targeting the Jasmine Ransomeware Web Server. The first uses CVE-2024-30851 to retrieve the login for the ransomware server, and the second...
8.3AI Score
0.005EPSS
Updated netatalk packages fix security vulnerability
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary...
7.1AI Score
0.007EPSS
Updated openssl packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Excessive time spent checking DSA keys and parameters. (CVE-2024-4603) Use After Free with SSL_free_buffers....
7.1AI Score
0.0004EPSS
Updated python-jinja2 packages fix security vulnerabilities
It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting (XSS)...
6.3AI Score
0.001EPSS
[SECURITY] [DSA 5701-1] chromium security update
Debian Security Advisory DSA-5701-1 [email protected] https://www.debian.org/security/ Andres Salomon May 31, 2024 https://www.debian.org/security/faq Package : chromium CVE ID : CVE-2024-5493 CVE-2024-5494...
7.3AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary...
8.3AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
8.7AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary...
8.3AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
8.7AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary...
8.3AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
8.7AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
8.7AI Score
A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and...
8.3AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary...
8.3AI Score
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...
8.7AI Score