DP300,TE60,TP3106,ViewPoint 9030,eCNS210 TD,eSpace 7950,eSpace IAD,eSpace U1981 Security Vulnerabilities
espace-aubade.fr Cross Site Scripting vulnerability OBB-3423180
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
espace-terroir.ch Cross Site Scripting vulnerability OBB-3382752
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
espace-o.ca Cross Site Scripting vulnerability OBB-3340764
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
espace-chez-soi.ch Cross Site Scripting vulnerability OBB-3340756
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
Description of the security update for SharePoint Foundation 2013: April 11, 2023 (KB5002383)
Description of the security update for SharePoint Foundation 2013: April 11, 2023 (KB5002383) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-28288....
8AI Score
0.004EPSS
Gitea 1.1.0 - 1.12.5 - Remote Code Execution
Gitea 1.1.0 through 1.12.5 is susceptible to authenticated remote code execution, via the git hook functionality, in customer environments where the documentation is not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the...
7.2CVSS
7.1AI Score
0.973EPSS
Description of the security update for SharePoint Foundation 2013: March 14, 2023 (KB5002367)
Description of the security update for SharePoint Foundation 2013: March 14, 2023 (KB5002367) Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-23395....
4.1AI Score
0.001EPSS
9.8CVSS
9.6AI Score
0.014EPSS
Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....
7.1CVSS
6.7AI Score
0.0004EPSS
Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....
7.1CVSS
6.4AI Score
0.0004EPSS
Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....
7.1CVSS
6.7AI Score
0.0004EPSS
Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi....
6.6CVSS
6.8AI Score
0.0004EPSS
Description of the security update for SharePoint Foundation 2013: February 14, 2023 (KB5002347)
Description of the security update for SharePoint Foundation 2013: February 14, 2023 (KB5002347) Summary This security update resolves a Microsoft SharePoint Server elevation of privilege vulnerability and Microsoft Word remote code execution vulnerability. To learn more about the vulnerabilities,....
9.7AI Score
0.454EPSS
espace-ultradanse.fr Cross Site Scripting vulnerability OBB-3192693
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1AI Score
JetBlue: XSS via Vuln Rendertron Instance At `██████████.jetblue.com/render/*`
Summary I found that you have █████████ installed on your server, but it may not be up to date. i was able to get around ███'s xss block and get it to raise an alert. this is a type of xss that is mirrored and as soon as you send a link to a person, the xss runs. and in a malicious scenario, it...
10AI Score
Rocky Linux 9 : Image Builder (RLSA-2022:7950)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7950 advisory. A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial...
7.8AI Score
0.002EPSS
Description of the security update for SharePoint Foundation 2013: January 10, 2023 (KB5002336)
Description of the security update for SharePoint Foundation 2013: January 10, 2023 (KB5002336) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...
9AI Score
0.007EPSS
espace-europ.com Cross Site Scripting vulnerability OBB-3099799
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.2AI Score
Description of the security update for SharePoint Foundation 2013: December 13, 2022 (KB5002319)
Description of the security update for SharePoint Foundation 2013: December 13, 2022 (KB5002319) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...
9AI Score
0.009EPSS
Image Builder security, bug fix, and enhancement update
cockpit-composer [41-1.0.1] - Make per page documentation links point to Oracle Linux [Orabug: 32013095], [Orabug:34398922] [41-1] - New upstream release [40-1] - New upstream release [39-1] - New upstream release [38-1] - New upstream release [37-1] - New upstream release [35-1] - New upstream...
7.5CVSS
0.1AI Score
0.002EPSS
Oracle Linux 9 : Image / Builder (ELSA-2022-7950)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7950 advisory. A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a...
7.5CVSS
7.5AI Score
0.002EPSS
AlmaLinux 9 : Image Builder (ALSA-2022:7950)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:7950 advisory. A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial...
7.5CVSS
7.6AI Score
0.002EPSS
RHEL 9 : Image Builder (RHSA-2022:7950)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:7950 advisory. golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service...
7.5CVSS
7.8AI Score
0.002EPSS
Image Builder security, bug fix, and enhancement update
An update is available for cockpit-composer, weldr-client. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Image Builder is a service for building customized OS....
7.5CVSS
7.8AI Score
0.002EPSS
Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....
7.5CVSS
7.7AI Score
0.002EPSS
(RHSA-2022:7950) Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....
7.8AI Score
0.002EPSS
Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....
7.5CVSS
7.8AI Score
0.002EPSS
Low: Image Builder security, bug fix, and enhancement update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.....
7.5CVSS
7.7AI Score
0.002EPSS
Description of the security update for SharePoint Foundation 2013: November 8, 2022 (KB5002303)
Description of the security update for SharePoint Foundation 2013: November 8, 2022 (KB5002303) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...
8.9AI Score
0.013EPSS
Description of the security update for SharePoint Foundation 2013: September 13, 2022 (KB5002267)
Description of the security update for SharePoint Foundation 2013: September 13, 2022 (KB5002267) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft SharePoint remote code execution vulnerability. To learn more about the...
8.3AI Score
0.022EPSS
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....
6.6CVSS
4.6AI Score
0.0004EPSS
Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe components) allows Server Side....
9.8CVSS
9.4AI Score
0.002EPSS
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....
4.4CVSS
0.0004EPSS
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....
4.4CVSS
4.6AI Score
0.0004EPSS
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write....
6.6CVSS
6.3AI Score
0.0004EPSS
sfcp-espace-aubade.fr Cross Site Scripting vulnerability OBB-2999805
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
espace-evasion-delmoly.com Cross Site Scripting vulnerability OBB-2998933
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
espace-du-son.com Cross Site Scripting vulnerability OBB-2998932
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
espace-couture.fr Cross Site Scripting vulnerability OBB-2990906
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
Description of the security update for SharePoint Foundation 2013: October 11, 2022 (KB5002284)
Description of the security update for SharePoint Foundation 2013: October 11, 2022 (KB5002284) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...
9.1AI Score
0.013EPSS
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded...
7.5CVSS
7.4AI Score
0.002EPSS
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded...
7.5AI Score
0.002EPSS
The mintToken function of a smart contract implementation for IADOWR Coin (IAD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any...
7.5CVSS
7.7AI Score
0.001EPSS
The mintToken function of a smart contract implementation for IADOWR Coin (IAD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any...
7.7AI Score
0.001EPSS
The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...
6.4AI Score
0.002EPSS
The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception...
6.5AI Score
0.002EPSS
Integrating Live Patching in SecDevOps Workflows
SecDevOps is, just like DevOps, a transformational change that organizations undergo at some point during their lifetime. Just like many other big changes, SecDevOps is commonly adopted after a reality check of some kind: a big damaging cybersecurity incident, for example. A major security breach.....
-0.3AI Score
9.8CVSS
9.6AI Score
0.014EPSS
espace-formatif-cfa.fr Cross Site Scripting vulnerability OBB-2854788
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
-0.1AI Score
Adobe Acrobat Reader DC overlapping annotations type confusion vulnerability
Summary A type confusion vulnerability exists in the way Adobe Acrobat Reader DC 2022.001.20085 deals with overlapping annotations. A specially-crafted PDF document can trigger this vulnerability, which can lead to arbitrary code execution. A victim needs to open the malicious file to trigger this....
7.8CVSS
0.1AI Score
0.001EPSS