Lucene search

K

Ad Directory & Listings By AWP Classifieds Security Vulnerabilities

ibm
ibm

Security Bulletin: Maximo Application suite - express-4.18.2.tgz is vulnerable to CVE-2024-29041 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses express-4.18.2.tgz which is vulnerable to CVE-2024-29041. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-29041 DESCRIPTION: **Express.js Express could allow a remote...

6.1CVSS

7.1AI Score

0.0004EPSS

2024-06-25 10:07 PM
1
ibm
ibm

Security Bulletin: Maximo Application Suite - jose4j is vulnerable to CVE-2023-51775 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses jose4j which is vulnerable to CVE-2023-51775. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-51775 DESCRIPTION: **jose4j is vulnerable to a denial of service, caused by.....

7.2AI Score

0.0004EPSS

2024-06-25 10:06 PM
ibm
ibm

Security Bulletin: Maximo Application Suite - gunicorn-20.1.0-py3-none-any.whl is vulnerable to CVE-2024-1135 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses gunicorn-20.1.0-py3-none-any.whl which is vulnerable to CVE-2024-1135. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-1135 DESCRIPTION: **Gunicorn is vulnerable to...

7.5CVSS

6.1AI Score

0.0004EPSS

2024-06-25 10:05 PM
1
ibm
ibm

Security Bulletin: Maximo Application Suite - bcprov-jdk18on-1.76.jar is vulnerable to CVE-2024-30171 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses bcprov-jdk18on-1.76.jar which is vulnerable to CVE-2024-30171. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-30171 DESCRIPTION: **The Bouncy Castle Crypto Package...

6.4AI Score

0.0004EPSS

2024-06-25 10:05 PM
1
openbugbounty
openbugbounty

nordicbiosite.com Cross Site Scripting vulnerability OBB-3938898

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 09:51 PM
4
malwarebytes
malwarebytes

Neiman Marcus confirms breach. Is the customer data already for sale?

Luxury retail chain Neiman Marcus has begun to inform customers about a cyberattack it discovered in May. The attacker compromised a database platform storing customers' personal information. The letter tells customers: “Promptly after learning of the issue, we took steps to contain it, including.....

7.5AI Score

2024-06-25 09:35 PM
3
openbugbounty
openbugbounty

baseballquebec.com Cross Site Scripting vulnerability OBB-3938896

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 09:28 PM
3
nvd
nvd

CVE-2024-5016

In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be exploited by using a deserialization tool to achieve a Remote Code Execution as SYSTEM. The vulnerability exists in the main message processing routines NmDistributed.DistributedServiceBehavior.OnMessage...

7.2CVSS

0.0004EPSS

2024-06-25 09:16 PM
3
cve
cve

CVE-2024-5018

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal vulnerability exists Wug.UI.Areas.Wug.Controllers.SessionController.LoadNMScript. This allows allows reading of any file from the applications web-root directory...

5.3CVSS

5.4AI Score

0.0004EPSS

2024-06-25 09:16 PM
6
cve
cve

CVE-2024-5016

In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be exploited by using a deserialization tool to achieve a Remote Code Execution as SYSTEM. The vulnerability exists in the main message processing routines NmDistributed.DistributedServiceBehavior.OnMessage...

7.2CVSS

7.2AI Score

0.0004EPSS

2024-06-25 09:16 PM
8
nvd
nvd

CVE-2024-5018

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal vulnerability exists Wug.UI.Areas.Wug.Controllers.SessionController.LoadNMScript. This allows allows reading of any file from the applications web-root directory...

5.3CVSS

0.0004EPSS

2024-06-25 09:16 PM
2
nvd
nvd

CVE-2024-35526

An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access sensitive information in the /facade...

0.0004EPSS

2024-06-25 09:15 PM
1
cve
cve

CVE-2024-35526

An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access sensitive information in the /facade...

6.2AI Score

0.0004EPSS

2024-06-25 09:15 PM
6
openbugbounty
openbugbounty

b-21.com Cross Site Scripting vulnerability OBB-3938893

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 09:06 PM
4
redhatcve
redhatcve

CVE-2024-39470

In the Linux kernel, the following vulnerability has been resolved: eventfs: Fix a possible null pointer dereference in eventfs_find_events() In function eventfs_find_events,there is a potential null pointer that may be caused by calling update_events_attr which will perform some operations on the....

7.2AI Score

0.0004EPSS

2024-06-25 08:52 PM
redhatcve
redhatcve

CVE-2024-39469

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be.....

7AI Score

0.0004EPSS

2024-06-25 08:52 PM
redhatcve
redhatcve

CVE-2024-39467

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() syzbot reports a kernel bug as below: F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4...

7AI Score

0.0004EPSS

2024-06-25 08:52 PM
redhatcve
redhatcve

CVE-2024-39465

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix double debugfs remove Fixes an error where debugfs_remove_recursive() is called first on a parent directory and then again on a child which causes a kernel panic. [hverkuil: added Fixes/Cc...

7.1AI Score

0.0004EPSS

2024-06-25 08:52 PM
redhatcve
redhatcve

CVE-2024-39463

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's d_fsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcount_t: addition on 0;...

7.2AI Score

0.0004EPSS

2024-06-25 08:52 PM
openbugbounty
openbugbounty

basaksecmen.com Cross Site Scripting vulnerability OBB-3938892

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:52 PM
2
openbugbounty
openbugbounty

bestlocalseotools.com Cross Site Scripting vulnerability OBB-3938891

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:50 PM
2
cvelist
cvelist

CVE-2024-5019 WhatsUp Gold LoadCSSUsingBasePath Directory Traversal Information Disclosure Vulnerability

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Arbitrary File Read issue exists in Wug.UI.Areas.Wug.Controllers.SessionController.CachedCSS. This vulnerability allows reading of any file with iisapppool\NmConsole...

5.3CVSS

0.0004EPSS

2024-06-25 08:29 PM
2
vulnrichment
vulnrichment

CVE-2024-5019 WhatsUp Gold LoadCSSUsingBasePath Directory Traversal Information Disclosure Vulnerability

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Arbitrary File Read issue exists in Wug.UI.Areas.Wug.Controllers.SessionController.CachedCSS. This vulnerability allows reading of any file with iisapppool\NmConsole...

5.3CVSS

7.1AI Score

0.0004EPSS

2024-06-25 08:29 PM
cvelist
cvelist

CVE-2024-5018 WhatsUp Gold LoadUsingBasePath Directory Traversal Information Disclosure Vulnerability

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal vulnerability exists Wug.UI.Areas.Wug.Controllers.SessionController.LoadNMScript. This allows allows reading of any file from the applications web-root directory...

5.3CVSS

0.0004EPSS

2024-06-25 08:27 PM
1
openbugbounty
openbugbounty

wcuc.org Cross Site Scripting vulnerability OBB-3938884

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:26 PM
3
redhatcve
redhatcve

CVE-2024-38385

In the Linux kernel, the following vulnerability has been resolved: genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() irq_find_at_or_after() dereferences the interrupt descriptor which is returned by mt_find() while neither holding sparse_irq_lock nor RCU read lock, which means the.....

7.2AI Score

0.0004EPSS

2024-06-25 08:25 PM
redhatcve
redhatcve

CVE-2024-38306

In the Linux kernel, the following vulnerability has been resolved: btrfs: protect folio::private when attaching extent buffer folios [BUG] Since v6.8 there are rare kernel crashes reported by various people, the common factor is bad page status error messages like this: BUG: Bad page state in...

7.5AI Score

0.0004EPSS

2024-06-25 08:25 PM
1
redhatcve
redhatcve

CVE-2024-37078

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a block device on which nilfs2 is mounted can cause a kernel bug in the folio/page writeback start routine or writeback end routine...

7.1AI Score

0.0004EPSS

2024-06-25 08:25 PM
openbugbounty
openbugbounty

ubaldlalime.com Cross Site Scripting vulnerability OBB-3938882

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:25 PM
3
redhatcve
redhatcve

CVE-2022-48772

In the Linux kernel, the following vulnerability has been resolved: media: lgdt3306a: Add a check against null-pointer-def The driver should check whether the client provides the platform_data. The following log reveals it: [ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40 [ 29.610730].....

7.2AI Score

0.0004EPSS

2024-06-25 08:24 PM
openbugbounty
openbugbounty

terrys-service.com Cross Site Scripting vulnerability OBB-3938879

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:24 PM
3
openbugbounty
openbugbounty

t1rex.com Cross Site Scripting vulnerability OBB-3938878

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:24 PM
3
openbugbounty
openbugbounty

tolliversflowershop.com Cross Site Scripting vulnerability OBB-3938880

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:24 PM
3
cvelist
cvelist

CVE-2024-5016 WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability

In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be exploited by using a deserialization tool to achieve a Remote Code Execution as SYSTEM. The vulnerability exists in the main message processing routines NmDistributed.DistributedServiceBehavior.OnMessage...

7.2CVSS

0.0004EPSS

2024-06-25 08:23 PM
1
vulnrichment
vulnrichment

CVE-2024-5016 WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability

In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be exploited by using a deserialization tool to achieve a Remote Code Execution as SYSTEM. The vulnerability exists in the main message processing routines NmDistributed.DistributedServiceBehavior.OnMessage...

7.2CVSS

7.5AI Score

0.0004EPSS

2024-06-25 08:23 PM
openbugbounty
openbugbounty

sydkusten.es Cross Site Scripting vulnerability OBB-3938877

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:23 PM
3
openbugbounty
openbugbounty

ripledd.com Cross Site Scripting vulnerability OBB-3938875

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:22 PM
2
openbugbounty
openbugbounty

qemjanitorial.com Cross Site Scripting vulnerability OBB-3938873

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:21 PM
2
openbugbounty
openbugbounty

perreux.fr Cross Site Scripting vulnerability OBB-3938871

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:19 PM
2
openbugbounty
openbugbounty

npzl.be Cross Site Scripting vulnerability OBB-3938869

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:18 PM
3
openbugbounty
openbugbounty

lutonsynagogue.org.uk Cross Site Scripting vulnerability OBB-3938865

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:16 PM
2
nvd
nvd

CVE-2024-4498

A Path Traversal and Remote File Inclusion (RFI) vulnerability exists in the parisneo/lollms-webui application, affecting versions v9.7 to the latest. The vulnerability arises from insufficient input validation in the /apply_settings function, allowing an attacker to manipulate the...

7.7CVSS

0.0004EPSS

2024-06-25 08:15 PM
cve
cve

CVE-2024-4498

A Path Traversal and Remote File Inclusion (RFI) vulnerability exists in the parisneo/lollms-webui application, affecting versions v9.7 to the latest. The vulnerability arises from insufficient input validation in the /apply_settings function, allowing an attacker to manipulate the...

7.7CVSS

7.9AI Score

0.0004EPSS

2024-06-25 08:15 PM
5
openbugbounty
openbugbounty

levangileaucoeur.fr Cross Site Scripting vulnerability OBB-3938861

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:15 PM
3
openbugbounty
openbugbounty

flowersetcofyorksc.com Cross Site Scripting vulnerability OBB-3938853

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:10 PM
4
openbugbounty
openbugbounty

eplay.co.uk Cross Site Scripting vulnerability OBB-3938850

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:08 PM
3
openbugbounty
openbugbounty

chateau-de-rochecotte.com Cross Site Scripting vulnerability OBB-3938845

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:04 PM
3
openbugbounty
openbugbounty

cathedraledevienne.fr Cross Site Scripting vulnerability OBB-3938842

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:03 PM
3
openbugbounty
openbugbounty

cbpt14.com Cross Site Scripting vulnerability OBB-3938843

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:03 PM
3
openbugbounty
openbugbounty

aytovaldelugueros.es Cross Site Scripting vulnerability OBB-3938841

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 08:01 PM
2
Total number of security vulnerabilities2079043