1. Unity EdgeConnect, NX, VX 2. Unity Orchestrator, 3. EdgeConnect In AWS, Azure, GCP Security Vulnerabilities

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS

PT-2021-02: Encryption bypass when downloading a firmware update in Diebold-Nixdorf RM3/CRS RM3/CRS dispenser firmware (all versions up to and including 41128 1002 RM3_CRS.BTR + 170329 2332 RM3_CRS.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5

PT-2021-01: Encryption bypass when downloading a firmware update in Diebold-Nixdorf CMDv5 CMDv5 dispenser firmware (all versions up to and including 141128 1002 CD5_ATM.BTR + 170329 2332 CD5_ATM.FRM) Severity: Severity level: High Encryption bypass when downloading a firmware update in...

angular-workshops.de Cross Site Scripting vulnerability OBB-3932497

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

codecommunity.de Cross Site Scripting vulnerability OBB-3932496

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

dotnetcore.de Cross Site Scripting vulnerability OBB-3932494

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

EvilSlackbot - A Slack Bot Phishing Framework For Red Teaming Exercises

EvilSlackbot A Slack Attack Framework for conducting Red Team and phishing exercises within Slack workspaces. Disclaimer This tool is intended for Security Professionals only. Do not use this tool against any Slack workspace without explicit permission to test. Use at your own risk. Background...

CVE-2024-2178 Path Traversal Vulnerability in parisneo/lollms-webui

A path traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'copy_to_custom_personas' endpoint in the 'lollms_personalities_infos.py' file. This vulnerability allows attackers to read arbitrary files by manipulating the 'category' and 'name' parameters during the...

Exploit for CVE-2024-25600

CVE-2024-25600 Exploit Tool 🚀 Disclaimer: This tool is...

103.177.225.81 Cross Site Scripting vulnerability OBB-3932489

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

sdhengineering.com Cross Site Scripting vulnerability OBB-3932488

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

willienile.com Cross Site Scripting vulnerability OBB-3932487

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

willowbrooknurseries.com Cross Site Scripting vulnerability OBB-3932486

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

willowlaneconsulting.com Cross Site Scripting vulnerability OBB-3932485

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

dalriadaurgentcare.org.uk Cross Site Scripting vulnerability OBB-3932484

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5587 Casdoor Configuration File app.conf file access

A vulnerability was found in Casdoor up to 1.335.0. It has been classified as problematic. Affected is an unknown function of the file /conf/app.conf of the component Configuration File Handler. The manipulation leads to files or directories accessible. It is possible to launch the attack...

putnoe.org Cross Site Scripting vulnerability OBB-3932482

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

nemsrota.org.uk Cross Site Scripting vulnerability OBB-3932481

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

partnershealthrota.org.uk Cross Site Scripting vulnerability OBB-3932480

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

ephedrarotas.org Cross Site Scripting vulnerability OBB-3932479

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

mkucsrota.org.uk Cross Site Scripting vulnerability OBB-3932478

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

westernurgentcare.org.uk Cross Site Scripting vulnerability OBB-3932477

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

dgooh.org.uk Cross Site Scripting vulnerability OBB-3932475

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

saucs.org.uk Cross Site Scripting vulnerability OBB-3932474

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2021-21704 affecting package php 7.4.14-3

CVE-2021-21704 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2007-3205 affecting package php 7.4.14-3

CVE-2007-3205 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2011-1429 affecting package mutt 2.2.12-1

CVE-2011-1429 affecting package mutt 2.2.12-1. No patch is available...

CVE-2020-7071 affecting package php 7.4.14-3

CVE-2020-7071 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2007-6353 affecting package exiv2 0.28.0-1

CVE-2007-6353 affecting package exiv2 0.28.0-1. No patch is available...

CVE-1999-0965 affecting package xterm 380-1

CVE-1999-0965 affecting package xterm 380-1. No patch is available...

CVE-2021-21705 affecting package php 7.4.14-3

CVE-2021-21705 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2021-21703 affecting package php 7.4.14-3

CVE-2021-21703 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2020-27827 affecting package lldpd 1.0.4-3

CVE-2020-27827 affecting package lldpd 1.0.4-3. This CVE either no longer is or was never...

CVE-2021-3634 affecting package libssh 0.9.5-2

CVE-2021-3634 affecting package libssh 0.9.5-2. This CVE either no longer is or was never...

CVE-2021-21707 affecting package php 7.4.14-3

CVE-2021-21707 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2011-4966 affecting package freeradius 3.2.3-2

CVE-2011-4966 affecting package freeradius 3.2.3-2. No patch is available...

CVE-2002-0318 affecting package freeradius 3.2.3-2

CVE-2002-0318 affecting package freeradius 3.2.3-2. No patch is available...

CVE-2017-18640 affecting package snakeyaml 1.25-2

CVE-2017-18640 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2021-21702 affecting package php 7.4.14-3

CVE-2021-21702 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2021-37714 affecting package jsoup 1.11.3-3

CVE-2021-37714 affecting package jsoup 1.11.3-3. No patch is available...

CVE-2016-2568 affecting package polkit 0.119-3

CVE-2016-2568 affecting package polkit 0.119-3. No patch is available...

CVE-2023-0215 affecting package hvloader for versions less than 1.0.1-2

CVE-2023-0215 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is...

CVE-2023-0286 affecting package hvloader for versions less than 1.0.1-2

CVE-2023-0286 affecting package hvloader for versions less than 1.0.1-2. A patched version of the package is...

CVE-2023-39326 affecting package golang for versions less than 1.21.6-1

CVE-2023-39326 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2023-24536 affecting package golang for versions less than 1.21.6-1

CVE-2023-24536 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2023-45284 affecting package golang for versions less than 1.21.6-1

CVE-2023-45284 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2023-44487 affecting package golang for versions less than 1.21.6-1

CVE-2023-44487 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is...

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1. A patched version of the package is...

CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2

CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2. A patched version of the package is...

CVE-2023-44487 affecting package moby-engine for versions less than 20.10.25-2

CVE-2023-44487 affecting package moby-engine for versions less than 20.10.25-2. A patched version of the package is...