1. Unity EdgeConnect, NX, VX 2. Unity Orchestrator, 3. EdgeConnect In AWS, Azure, GCP Security Vulnerabilities

CVE-2024-6059 Ingenico Estate Manager News Feed messages cross site scripting

A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager 2023. This issue affects some unknown processing of the file /emgui/rest/ums/messages of the component News Feed. The manipulation of the argument message leads to cross site scripting. The attack may...

CVE-2024-6059 Ingenico Estate Manager News Feed messages cross site scripting

A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager 2023. This issue affects some unknown processing of the file /emgui/rest/ums/messages of the component News Feed. The manipulation of the argument message leads to cross site scripting. The attack may...

motu-almanach.de Cross Site Scripting vulnerability OBB-3935989

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

d-zent-web.de Cross Site Scripting vulnerability OBB-3935987

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

mager-web.de Cross Site Scripting vulnerability OBB-3935986

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

diepianistin.de Cross Site Scripting vulnerability OBB-3935985

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-6058

A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page&page=SampleHistoricalList&_iframename=list&__crc=crc_1701669816260. The manipulation of the argument height/width leads to cross site scripting. It....

CVE-2024-6056

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...

CVE-2024-6056

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...

CVE-2024-6058

A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page&page=SampleHistoricalList&_iframename=list&__crc=crc_1701669816260. The manipulation of the argument height/width leads to cross site scripting. It....

CVE-2024-37795

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the set-logic command with specific formatting...

CVE-2024-36973

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function gp_auxiliary_device_release() calls...

CVE-2024-37662

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

CVE-2024-37664

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

CVE-2024-37661

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

CVE-2024-37663

Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

CVE-2024-37795

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the set-logic command with specific formatting...

CVE-2024-37794

Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input...

CVE-2024-36973

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function gp_auxiliary_device_release() calls...

CVE-2024-37794

Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input...

CVE-2024-37661

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

CVE-2024-37664

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

CVE-2024-37662

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the...

CVE-2024-37663

Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect...

CVE-2018-25103

There exists a use-after-free-vulnerability in lighttpd <= 1.4.50 that can allow access to do a case-insensitive comparison against the reused...

CVE-2018-25103

There exists a use-after-free-vulnerability in lighttpd <= 1.4.50 that can allow access to do a case-insensitive comparison against the reused...

alexander-meinzer.de Cross Site Scripting vulnerability OBB-3935984

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

muelltueten.de Cross Site Scripting vulnerability OBB-3935983

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

guersel-transporte.de Cross Site Scripting vulnerability OBB-3935982

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

remember-cars.de Cross Site Scripting vulnerability OBB-3935980

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2018-25103 Use-after-free vulnerability in lighttpd <= 1.4.50

There exists a use-after-free-vulnerability in lighttpd &lt;= 1.4.50 that can allow access to do a case-insensitive comparison against the reused...

CVE-2024-6058 LabVantage LIMS cross site scripting

A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page&page=SampleHistoricalList&_iframename=list&__crc=crc_1701669816260. The manipulation of the argument height/width leads to cross site scripting. It....

CVE-2024-36973 misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe()

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), callback function gp_auxiliary_device_release() calls...

CVE-2021-3672 affecting package pgbouncer 1.16.1-1

CVE-2021-3672 affecting package pgbouncer 1.16.1-1. No patch is available...

CVE-2022-2929 affecting package dhcp 4.4.3-3

CVE-2022-2929 affecting package dhcp 4.4.3-3. No patch is available...

CVE-2022-38752 affecting package snakeyaml 1.25-2

CVE-2022-38752 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2022-36069 affecting package poetry 1.0.10-2

CVE-2022-36069 affecting package poetry 1.0.10-2. No patch is available...

CVE-2022-25857 affecting package snakeyaml 1.25-2

CVE-2022-25857 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2022-36033 affecting package jsoup 1.11.3-3

CVE-2022-36033 affecting package jsoup 1.11.3-3. No patch is available...

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1. A patched version of the package is...

CVE-2022-42969 affecting package python-py 1.10.0-3

CVE-2022-42969 affecting package python-py 1.10.0-3. No patch is available...

CVE-2022-31629 affecting package php 7.4.14-3

CVE-2022-31629 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is...

CVE-2023-44487 affecting package golang for versions less than 1.21.6-1

CVE-2023-44487 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2021-21704 affecting package php 7.4.14-3

CVE-2021-21704 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2007-3205 affecting package php 7.4.14-3

CVE-2007-3205 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2023-39326 affecting package golang for versions less than 1.21.6-1

CVE-2023-39326 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2023-24536 affecting package golang for versions less than 1.21.6-1

CVE-2023-24536 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2023-45284 affecting package golang for versions less than 1.21.6-1

CVE-2023-45284 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2023-45287 affecting package golang for versions less than 1.21.6-1

CVE-2023-45287 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...