3com – Asesor De Cookies Para Normativa Española Security Vulnerabilities and Issues — 3com – Asesor De Cookies Para Normativa Española CVE List

wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)

_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

10CVSS

9.8AI Score

EPSS

2024-06-27 03:00 PM

5

cve

CVE-2024-0947

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens.This issue affects Elektraweb:...

9.8CVSS

9.6AI Score

0.001EPSS

2024-06-27 10:15 AM

7

nvd

CVE-2024-0947

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens.This issue affects Elektraweb:...

9.8CVSS

0.001EPSS

2024-06-27 10:15 AM

6

nvd

CVE-2023-7270

An issue was discovered in SoftMaker Office 2024 / NX before revision 1214 and SoftMaker FreeOffice 2014 before revision 1215. FreeOffice 2021 is also affected, but won't be fixed. The SoftMaker Office and FreeOffice MSI installer files were found to produce a visible conhost.exe window running...

0.0004EPSS

2024-06-27 10:15 AM

3

cve

CVE-2023-7270

An issue was discovered in SoftMaker Office 2024 / NX before revision 1214 and SoftMaker FreeOffice 2014 before revision 1215. FreeOffice 2021 is also affected, but won't be fixed. The SoftMaker Office and FreeOffice MSI installer files were found to produce a visible conhost.exe window running...

6.5AI Score

0.0004EPSS

2024-06-27 10:15 AM

10

cvelist

CVE-2023-7270 Local Privilege Escalation via MSI installer

An issue was discovered in SoftMaker Office 2024 / NX before revision 1214 and SoftMaker FreeOffice 2014 before revision 1215. FreeOffice 2021 is also affected, but won't be fixed. The SoftMaker Office and FreeOffice MSI installer files were found to produce a visible conhost.exe window running...

0.0004EPSS

2024-06-27 09:28 AM

5

vulnrichment

CVE-2024-0947 Cookies Manipulation in Talya Informatics' Elektraweb

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens.This issue affects Elektraweb:...

9.8CVSS

7AI Score

0.001EPSS

2024-06-27 09:27 AM

1

cvelist

CVE-2024-0947 Cookies Manipulation in Talya Informatics' Elektraweb

Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens.This issue affects Elektraweb:...

9.8CVSS

0.001EPSS

2024-06-27 09:27 AM

3

nvd

CVE-2024-6283

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for....

5.4CVSS

0.001EPSS

2024-06-27 05:15 AM

4

cve

CVE-2024-6283

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for....

5.4CVSS

5.1AI Score

0.001EPSS

2024-06-27 05:15 AM

6

cvelist

CVE-2024-6283 DethemeKit For Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for....

5.4CVSS

0.001EPSS

2024-06-27 04:38 AM

8

vulnrichment

CVE-2024-6283 DethemeKit For Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget

The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL parameter of the De Gallery widget in all versions up to and including 2.1.5 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for....

5.4CVSS

5.8AI Score

0.001EPSS

2024-06-27 04:38 AM

googleprojectzero

The Windows Registry Adventure #3: Learning resources

Posted by Mateusz Jurczyk, Google Project Zero When tackling a new vulnerability research target, especially a closed-source one, I prioritize gathering as much information about it as possible. This gets especially interesting when it's a subsystem as old and fundamental as the Windows registry......

5.5CVSS

6.7AI Score

0.001EPSS

2024-06-27 12:00 AM

nessus

RHEL 9 : OpenShift Container Platform 4.16.0 (RHSA-2024:0045)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0045 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

8.3CVSS

6.1AI Score

0.0004EPSS

2024-06-27 12:00 AM

osv

CVE-2024-38375

@fastly/js-compute is a JavaScript SDK and runtime for building Fastly Compute applications. The implementation of several functions were determined to include a use-after-free bug. This bug could allow for unintended data loss if the result of the preceding functions were sent anywhere else, and.....

5.3CVSS

6.8AI Score

0.0004EPSS

2024-06-26 07:15 PM

ibm

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty and libcurl may affect IBM Storage Protect Backup-Archive Client

Summary IBM Storage Protect Backup-Archive Client can be affected by security flaws in IBM WebSphere Application Server Liberty and libcurl. The flaws can lead to weaker than expected security for outbound TLS connections and bypass of security restrictions, as described in the "Vulnerability...

6.5CVSS

7AI Score

0.001EPSS

2024-06-26 04:23 PM

7

ibm

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.4 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7.4 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2022-48554 DESCRIPTION: **File is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the file_copystr...

7.8CVSS

9.6AI Score

EPSS

2024-06-26 12:12 PM

1

ibm

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities listed herein. Vulnerability Details ** CVEID: CVE-2023-49569 DESCRIPTION: **go-git could allow a remote attacker to traverse directories on the system. By sending a specially crafted request using the...

9.8CVSS

10AI Score

EPSS

2024-06-26 09:20 AM

13

zdt

SolarWinds Platform 2024.1 SR1 - Race Condition Expoit

...

8.1CVSS

7AI Score

0.017EPSS

2024-06-26 12:00 AM

46

packetstorm

SolarWinds Platform 2024.1 SR1 Race Condition

...

8.1CVSS

7.1AI Score

0.017EPSS

2024-06-26 12:00 AM

51

nessus

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.6)

The version of AOS installed on the remote host is prior to 6.5.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.6 advisory. There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and...

9.8CVSS

7.5AI Score

0.003EPSS

2024-06-26 12:00 AM

exploitdb

SolarWinds Platform 2024.1 SR1 - Race Condition

...

8.1CVSS

7AI Score

EPSS

2024-06-26 12:00 AM

56

nessus

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8.0.5)

The version of AOS installed on the remote host is prior to 6.8.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8.0.5 advisory. An information disclosure vulnerability exists in...

9.8CVSS

8.3AI Score

0.05EPSS

2024-06-26 12:00 AM

nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2190-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2190-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The...

9.8CVSS

8.7AI Score

EPSS

2024-06-26 12:00 AM

2

openbugbounty

chateau-de-rochecotte.com Cross Site Scripting vulnerability OBB-3938845

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:04 PM

3

openbugbounty

radelier-de-la-loue.asso-web.com Cross Site Scripting vulnerability OBB-3938608

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 06:22 PM

4

osv

Malicious code in python-cookies-shower (PyPI)

-= Per source details. Do not edit below this...

7.1AI Score

2024-06-25 01:40 PM

osv

Malicious code in updated-tricks-roblox-robux-generator-2023-de-zs573s9c (npm)

-= Per source details. Do not edit below this...

7.1AI Score