Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

All-in-One Addons For Elementor – WidgetKit Security Vulnerabilities

github
github

DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document

Impact In DSpace 7.0 through 7.6.1, when an HTML, XML or JavaScript Bitstream is downloaded, the user's browser may execute any embedded JavaScript. If that embedded JavaScript is malicious, there is a risk of an XSS attack. This attack may only be initialized by a user who already has Submitter...

5.5AI Score

EPSS

2024-06-25 05:07 PM
3
vulnrichment
vulnrichment

CVE-2024-6308 itsourcecode Simple Online Hotel Reservation System index.php sql injection

A vulnerability was found in itsourcecode Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit....

7.3CVSS

7.8AI Score

EPSS

2024-06-25 05:00 PM
cvelist
cvelist

CVE-2024-6308 itsourcecode Simple Online Hotel Reservation System index.php sql injection

A vulnerability was found in itsourcecode Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit....

7.3CVSS

EPSS

2024-06-25 05:00 PM
cve
cve

CVE-2023-42014

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-25 04:50 PM
1
cve
cve

CVE-2023-42011

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-25 04:50 PM
ibm
ibm

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to cross-site scripting due to WebSphere Application Server Liberty

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor (CVE-2024-27270). Vulnerability Details ** CVEID: CVE-2024-27270 DESCRIPTION: **IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site...

4.7CVSS

6.4AI Score

0.0004EPSS

2024-06-25 04:18 PM
2
nvd
nvd

CVE-2024-0171

Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized...

5.3CVSS

EPSS

2024-06-25 04:15 PM
3
cve
cve

CVE-2024-0171

Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized...

5.3CVSS

7AI Score

EPSS

2024-06-25 04:15 PM
1
ibm
ibm

Security Bulletin: IBM Sterling B2B Integrator Standard Edition does not correctly restrict frame objects

Summary IBM Sterling B2B Integrator Standard Edition does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. Vulnerability Details ** CVEID:...

6.6AI Score

EPSS

2024-06-25 03:49 PM
2
wordfence
wordfence

WordPress 6.5.5 Security Release – What You Need to Know

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

5.4AI Score

2024-06-25 03:38 PM
2
ibm
ibm

Security Bulletin: Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting ( CVE-2023-42014).

Summary In Sterling B2B Integrator Standard Edition Console, the Content-Security-Policy header in the console for B2Bi is not set to the stictest available value. The Content-Security-Policy that is set by the server allows inline Javascript and "eval" functions in the browser. Allowing inline...

6.2AI Score

EPSS

2024-06-25 03:36 PM
2
wolfi
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: grpcurl, git-lfs, calico, nri-prometheus, gitness, kubewatch, cilium-envoy, stakater-reloader, secrets-store-csi-driver, gomplate, amass, hey, nginx-stable, dotnet, terraform-provider-azurerm, envoy-ratelimit, secrets-store-csi-driver-provider-gcp, kind,...

7.5CVSS

9AI Score

0.732EPSS

2024-06-25 03:33 PM
608
wolfi
wolfi

CVE-2024-4368 vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

0.0004EPSS

2024-06-25 03:33 PM
43
wolfi
wolfi

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-driver-hostpath, kubernetes-dns-node-cache, ip-masq-agent, local-static-provisioner, calico, spark-operator, aws-ebs-csi-driver, kubernetes, cluster-autoscaler, node-feature-discovery,...

2.7CVSS

4.3AI Score

0.0004EPSS

2024-06-25 03:33 PM
75
wolfi
wolfi

GHSA-C5PJ-MQFH-RVC3 vulnerabilities

Vulnerabilities for packages: buildah,...

7.5AI Score

2024-06-25 03:33 PM
68
wolfi
wolfi

CVE-2024-23652 vulnerabilities

Vulnerabilities for packages: docker, skaffold, guac, zot, trivy, scorecard, conftest, kubescape, datadog-agent, buildkitd,...

10CVSS

9.7AI Score

0.001EPSS

2024-06-25 03:33 PM
265
wolfi
wolfi

GHSA-JM46-725R-HH9V vulnerabilities

Vulnerabilities for packages: python,...

7.5AI Score

2024-06-25 03:33 PM
99
wolfi
wolfi

CVE-2024-26130 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines, az, py3-cryptography, ggshield,...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-06-25 03:33 PM
139
wolfi
wolfi

GHSA-V5QP-MX94-J49V vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
125
wolfi
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: grpcurl, argo-workflows, cri-tools, metallb, timoni, cilium, aws-load-balancer-controller, calico, tekton-pipelines, nri-prometheus, smarter-device-manager, gitness, kubewatch, stakater-reloader, secrets-store-csi-driver, kubernetes-csi-external-snapshotter, nuclei,...

7.5AI Score

2024-06-25 03:33 PM
179
wolfi
wolfi

CVE-2024-29018 vulnerabilities

Vulnerabilities for packages: grype, zot, docker-compose, cadvisor, prometheus, ko, crossplane, loki, goreleaser, trivy, melange, kubescape, spire-server, telegraf, kaniko, ctop, aactl, syft, up, datadog-agent, buildkitd, kargo, dagger, wolfictl, tkn, buf,...

5.9CVSS

5.9AI Score

0.0004EPSS

2024-06-25 03:33 PM
156
wolfi
wolfi

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: argo-workflows, keda, external-secrets-operator, fulcio, tekton-pipelines, traefik, cilium-envoy, vexctl, falco, cloudflared, rekor, kubescape, spire-server, slsa-verifier, vault, istio-pilot-discovery, aactl, cosign, dex, gitsign, kots, cert-manager, argo-cd,...

7.5AI Score

2024-06-25 03:33 PM
346
wolfi
wolfi

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: k3s, scorecard, tekton-pipelines, prometheus, loki, goreleaser, falco, kubescape, slsa-verifier, ctop, aactl, paranoia, up, kpt, cert-manager, chartmuseum, skaffold, tekton-chains, k3d,...

7.5AI Score

2024-06-25 03:33 PM
344
wolfi
wolfi

GHSA-MQ39-4GV4-MVPX vulnerabilities

Vulnerabilities for packages: grype, zot, docker-compose, cadvisor, prometheus, ko, crossplane, loki, goreleaser, trivy, melange, kubescape, spire-server, telegraf, kaniko, ctop, aactl, syft, up, datadog-agent, buildkitd, kargo, dagger, wolfictl, tkn, buf,...

7.5AI Score

2024-06-25 03:33 PM
140
wolfi
wolfi

GHSA-X32M-MVFJ-52XV vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
87
wolfi
wolfi

GHSA-9766-5277-J5HR vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
42
wolfi
wolfi

GHSA-797F-63WG-8CHV vulnerabilities

Vulnerabilities for packages: python,...

7.5AI Score

2024-06-25 03:33 PM
92
wolfi
wolfi

CVE-2022-3736 vulnerabilities

Vulnerabilities for packages:...

7.5CVSS

7.7AI Score

0.001EPSS

2024-06-25 03:33 PM
347
wolfi
wolfi

CVE-2023-4408 vulnerabilities

Vulnerabilities for packages:...

7.5CVSS

7.5AI Score

0.001EPSS

2024-06-25 03:33 PM
146
wolfi
wolfi

CVE-2023-5679 vulnerabilities

Vulnerabilities for packages:...

7.5CVSS

7.5AI Score

0.001EPSS

2024-06-25 03:33 PM
128
wolfi
wolfi

GHSA-M868-F948-VVJC vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
76
wolfi
wolfi

GHSA-7P63-JGG6-RGPV vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
257
wolfi
wolfi

CVE-2024-3154 vulnerabilities

Vulnerabilities for packages: buildah,...

7.2CVSS

7.3AI Score

0.0004EPSS

2024-06-25 03:33 PM
64
wolfi
wolfi

GHSA-X84C-P2G9-RQV9 vulnerabilities

Vulnerabilities for packages: docker, dagger, helm-push, harbor-scanner-trivy, policy-controller, cri-tools, grype, docker-compose, neuvector-scanner, wolfictl, syft, melange, tekton-pipelines, k3d, buf, prometheus,...

7.5AI Score

2024-06-25 03:33 PM
64
wolfi
wolfi

CVE-2023-31130 vulnerabilities

Vulnerabilities for packages:...

6.4CVSS

7.7AI Score

0.0004EPSS

2024-06-25 03:33 PM
325
wolfi
wolfi

CVE-2023-2727 vulnerabilities

Vulnerabilities for packages:...

6.5CVSS

7.7AI Score

0.001EPSS

2024-06-25 03:33 PM
290
wolfi
wolfi

GHSA-CFGP-2977-2FMM vulnerabilities

Vulnerabilities for packages: calico,...

7.5AI Score

2024-06-25 03:33 PM
233
wolfi
wolfi

GHSA-VR64-R9QJ-H27F vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
70
wolfi
wolfi

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: istio-operator, helm-push, k9s, zot, cilium-cli, trivy, zarf, up, cert-manager, helm-operator, kubescape, kots, eksctl, chartmuseum, flux-helm-controller, flux-source-controller,...

7.5AI Score

2024-06-25 03:33 PM
99
wolfi
wolfi

CVE-2024-25620 vulnerabilities

Vulnerabilities for packages: istio-operator, helm-push, k9s, zot, cilium-cli, trivy, zarf, up, cert-manager, helm-operator, kubescape, kots, eksctl, chartmuseum, flux-helm-controller, flux-source-controller,...

6.4CVSS

6.7AI Score

0.0004EPSS

2024-06-25 03:33 PM
102
wolfi
wolfi

GHSA-5R57-JCC8-JHH3 vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
56
wolfi
wolfi

CVE-2024-3914 vulnerabilities

Vulnerabilities for packages:...

8.9AI Score

0.0005EPSS

2024-06-25 03:33 PM
64
wolfi
wolfi

GHSA-FFF2-PWCG-X73M vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
56
wolfi
wolfi

GHSA-JFH3-F27X-P9GP vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
53
wolfi
wolfi

CVE-2024-4058 vulnerabilities

Vulnerabilities for packages:...

8.8CVSS

6.8AI Score

0.001EPSS

2024-06-25 03:33 PM
51
wolfi
wolfi

GHSA-9XRG-J488-68QQ vulnerabilities

Vulnerabilities for packages:...

7.5AI Score

2024-06-25 03:33 PM
51
wolfi
wolfi

CVE-2024-5159 vulnerabilities

Vulnerabilities for packages:...

7.1AI Score

0.0004EPSS

2024-06-25 03:33 PM
36
wolfi
wolfi

CVE-2024-5274 vulnerabilities

Vulnerabilities for packages:...

8.8CVSS

7.1AI Score

0.003EPSS

2024-06-25 03:33 PM
36
wolfi
wolfi

CVE-2024-5493 vulnerabilities

Vulnerabilities for packages:...

7.2AI Score

0.0004EPSS

2024-06-25 03:33 PM
26
wolfi
wolfi

CVE-2024-5494 vulnerabilities

Vulnerabilities for packages:...

7.2AI Score

0.0004EPSS

2024-06-25 03:33 PM
26
Total number of security vulnerabilities3047192