friends.aipro.tv Cross Site Scripting vulnerability OBB-3938564
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
attoohinfo.co.za Cross Site Scripting vulnerability OBB-3938565
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
lordtickets.com Cross Site Scripting vulnerability OBB-3938563
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
web.colegioingles.edu.uy Cross Site Scripting vulnerability OBB-3938561
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
oncomarkers.com.br Cross Site Scripting vulnerability OBB-3938560
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
plugintheme.net Cross Site Scripting vulnerability OBB-3938562
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Security Bulletin: This Power System update is being released to address CVE-2023-45857
Summary This affects the BMC's ASMi web application. Vulnerability Details ** CVEID: CVE-2023-45857 DESCRIPTION: **Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By inserting the X-XSRF-TOKEN header using the secret XSRF-TOKEN cookie value.....
6.5CVSS
5.9AI Score
0.001EPSS
tgfilter.org Cross Site Scripting vulnerability OBB-3938558
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
thaince.org Cross Site Scripting vulnerability OBB-3938559
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
boubathemasterclass.com Cross Site Scripting vulnerability OBB-3938557
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
cifs.com.cy Cross Site Scripting vulnerability OBB-3938556
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
flyteachers.com Cross Site Scripting vulnerability OBB-3938555
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Security Bulletin: This Power System update is being released to address CVE-2023-37453
Summary This affects the BMC's physical USB ports. Vulnerability Details ** CVEID: CVE-2023-37453 DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds flaw in the read_descriptors function in drivers/usb/core/sysfs.c in the USB subsystem. By using a...
4.6CVSS
6.3AI Score
0.0005EPSS
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document
Impact In DSpace 7.0 through 7.6.1, when an HTML, XML or JavaScript Bitstream is downloaded, the user's browser may execute any embedded JavaScript. If that embedded JavaScript is malicious, there is a risk of an XSS attack. This attack may only be initialized by a user who already has Submitter...
5.6AI Score
EPSS
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document
Impact In DSpace 7.0 through 7.6.1, when an HTML, XML or JavaScript Bitstream is downloaded, the user's browser may execute any embedded JavaScript. If that embedded JavaScript is malicious, there is a risk of an XSS attack. This attack may only be initialized by a user who already has Submitter...
2.6CVSS
5.5AI Score
EPSS
7.2AI Score
7.2AI Score
7.2AI Score
7.2AI Score
7.2AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.2AI Score
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...
7.2AI Score
Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor (CVE-2024-27270). Vulnerability Details ** CVEID: CVE-2024-27270 DESCRIPTION: **IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site...
4.7CVSS
6.4AI Score
0.0004EPSS
Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized...
5.3CVSS
EPSS
Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized...
5.3CVSS
7AI Score
EPSS
7.2AI Score
7.2AI Score
7.2AI Score
7.2AI Score
Summary IBM Sterling B2B Integrator Standard Edition does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. Vulnerability Details ** CVEID:...
6.6AI Score
EPSS
WordPress 6.5.5 Security Release – What You Need to Know
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...
5.4AI Score
Summary In Sterling B2B Integrator Standard Edition Console, the Content-Security-Policy header in the console for B2Bi is not set to the stictest available value. The Content-Security-Policy that is set by the server allows inline Javascript and "eval" functions in the browser. Allowing inline...
6.2AI Score
EPSS
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent, k3s, grype, k9s, zot, cadvisor, nerdctl, runc, skopeo, trivy, nvidia-device-plugin, kubescape, telegraf, kaniko, ctop, syft, kots, datadog-agent, kubernetes, skaffold, buildkitd, docker, ingress-nginx-controller, wolfictl, zarf,...
8.6CVSS
9.2AI Score
0.051EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: newrelic-infrastructure-agent, grype, zot, tekton-pipelines, gitness, trivy, fuse-overlayfs-snapshotter, melange, kubescape, telegraf, eksctl, flux-helm-controller, kaniko, ctop, kubevela, up, kots, neuvector-agent, cert-manager, skaffold, flux-source-controller,...
7.5AI Score
7.5AI Score
0.0004EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: grpcurl, argo-workflows, cri-tools, metallb, timoni, cilium, aws-load-balancer-controller, calico, tekton-pipelines, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, secrets-store-csi-driver, kubernetes-csi-external-snapshotter, nuclei,...
7.5AI Score
Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kubernetes-dns-node-cache, ip-masq-agent, local-static-provisioner, calico, spark-operator, aws-ebs-csi-driver, kubernetes, cluster-autoscaler, node-feature-discovery,...
2.7CVSS
4.3AI Score
0.0004EPSS
7.5AI Score
CVE-2024-23652 vulnerabilities
Vulnerabilities for packages: docker, skaffold, guac, zot, trivy, scorecard, conftest, kubescape, datadog-agent, buildkitd,...
10CVSS
9.7AI Score
0.001EPSS
7.5AI Score
CVE-2024-26130 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, az, py3-cryptography, ggshield,...
7.5CVSS
7.8AI Score
0.0004EPSS
7.5AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: grpcurl, git-lfs, calico, nri-prometheus, gitness, kubewatch, cilium-envoy, stakater-reloader, secrets-store-csi-driver, gomplate, amass, hey, nginx-stable, dotnet, terraform-provider-azurerm, envoy-ratelimit, secrets-store-csi-driver-provider-gcp, kind,...
7.5CVSS
9AI Score
0.732EPSS
Vulnerabilities for packages: grafana-mimir, guac, crossplane-provider-azure, k3s, keda, zot, opentofu, flux, fulcio, gitlab-kas, scorecard, tekton-pipelines, flux-image-reflector-controller, terraform, ksops, gitlab-runner, opentelemetry-collector-contrib, prometheus, kubernetes-event-exporter,...
6CVSS
6.2AI Score
0.0004EPSS
6.5CVSS
7.1AI Score
0.003EPSS
7.5CVSS
7.7AI Score
0.0004EPSS
CVE-2024-36129 vulnerabilities
Vulnerabilities for packages: tempo, opentelemetry-collector-contrib, opentelemetry-collector,...
8.2CVSS
8AI Score
0.001EPSS
5.5CVSS
6.6AI Score
0.0004EPSS
7.5CVSS
7.7AI Score
0.003EPSS
7.5AI Score