F-Secure Endpoint Protection Products On Mac, F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, F-Secure Internet Gatekeeper & F-Secure Security Cloud Security Vulnerabilities

openbugbounty

san-agustinillo.com Cross Site Scripting vulnerability OBB-3935897

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:21 PM
3
openbugbounty

saat24.news Cross Site Scripting vulnerability OBB-3935894

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:20 PM
4
openbugbounty

e-library.iep.edu.gr Cross Site Scripting vulnerability OBB-3935892

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:20 PM
3
openbugbounty

prostead.com Cross Site Scripting vulnerability OBB-3935890

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:19 PM
4
openbugbounty

roseandcrowntintern.co.uk Cross Site Scripting vulnerability OBB-3935891

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:19 PM
3
openbugbounty

morageology.com Cross Site Scripting vulnerability OBB-3935884

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:17 PM
4
openbugbounty

multivacanze.com Cross Site Scripting vulnerability OBB-3935886

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:17 PM
3
openbugbounty

mosir.zgora.pl Cross Site Scripting vulnerability OBB-3935885

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:17 PM
3
openbugbounty

litgraf.com Cross Site Scripting vulnerability OBB-3935882

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:16 PM
4
nvd

CVE-2024-5741

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0...

6.5CVSS

0.0004EPSS

2024-06-17 12:15 PM
4
cve

CVE-2024-5741

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0...

6.5CVSS

6.2AI Score

0.0004EPSS

2024-06-17 12:15 PM
10
openbugbounty

kodomoyugakukan.jp Cross Site Scripting vulnerability OBB-3935877

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:14 PM
4
openbugbounty

stoxos.edu.gr Cross Site Scripting vulnerability OBB-3935873

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:13 PM
4
openbugbounty

indialink-online.com Cross Site Scripting vulnerability OBB-3935871

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:12 PM
4
openbugbounty

ipages.ru Cross Site Scripting vulnerability OBB-3935872

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:12 PM
3
openbugbounty

fudogiken.co.jp Cross Site Scripting vulnerability OBB-3935868

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:10 PM
5
openbugbounty

fakeluxurywatches.com Cross Site Scripting vulnerability OBB-3935867

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:10 PM
4
openbugbounty

datasalen.se Cross Site Scripting vulnerability OBB-3935864

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:08 PM
4
openbugbounty

dagensmenu.dk Cross Site Scripting vulnerability OBB-3935863

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:08 PM
2
openbugbounty

cc-belley-bas-bugey.com Cross Site Scripting vulnerability OBB-3935858

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:05 PM
4
openbugbounty

blind.fish Cross Site Scripting vulnerability OBB-3935857

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:05 PM
5
openbugbounty

aocgoldweb.com Cross Site Scripting vulnerability OBB-3935856

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:04 PM
4
openbugbounty

akariaryaca.com Cross Site Scripting vulnerability OBB-3935855

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:03 PM
3
openbugbounty

my.ict.co Cross Site Scripting vulnerability OBB-3935852

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:02 PM
5
openbugbounty

morimarket.blog.wox.cc Cross Site Scripting vulnerability OBB-3935845

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 12:00 PM
5
ibm

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam, Kerberos 5, systemd and idna packages/libraries.

Summary: IBM MQ Operator and Queue manager container images are vulnerable to libssh, Linux-pam, Kerberos 5, systemd and idna. This bulletin identifies the steps required to address these vulnerabilities. Vulnerability Details: CVEID: CVE-2023-6004 DESCRIPTION: libssh could allow a local...

5.9CVSS

8.6AI Score

EPSS

2024-06-17 11:59 AM
1
openbugbounty

mail.hospitalsanrafaeltunja.gov.co Cross Site Scripting vulnerability OBB-3935844

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 11:59 AM
5
thn

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal...

7.9AI Score

2024-06-17 11:59 AM
14
githubexploit

Exploit for CVE-2024-4367

PDF.js Vulnerability Demo Project This project is intended to...

7.2AI Score

2024-06-17 11:39 AM
35
openbugbounty

mainaloski.gr Cross Site Scripting vulnerability OBB-3935836

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 11:28 AM
5
thn

What is DevSecOps and Why is it Essential for Secure Software Delivery?

Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive...

7.4AI Score

2024-06-17 11:26 AM
4
schneier

Using LLMs to Exploit Vulnerabilities

Interesting research: "Teams of LLM Agents can Exploit Zero-Day Vulnerabilities." Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents can exploit real-world vulnerabilities when given a description of the...

7.3AI Score

2024-06-17 11:08 AM
6
openbugbounty

en.bfsgroup.gr Cross Site Scripting vulnerability OBB-3935832

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 10:25 AM
5
openbugbounty

bazaar.benaki.org Cross Site Scripting vulnerability OBB-3935831

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 10:03 AM
3
wired

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake

A ShinyHunters hacker tells WIRED that they gained access to Ticketmaster’s Snowflake cloud account—and others—by first breaching a third-party...

7.2AI Score

2024-06-17 09:30 AM
5
ibm

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues due to ThreeTen Backport, Apache Commons Configuration, JJWT and Fasterxml jackson-databind

Summary: There are vulnerabilities in ThreeTen Backport, Apache Commons Configuration, JJWT and Fasterxml jackson-databind used by Install Agent, Integrated File Agent and Integrated Web Services in IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows...

4.7CVSS

9.1AI Score

0.0004EPSS

2024-06-17 09:29 AM
1
veracode

Insecure Credential Storage

TYPO3 is vulnerable to Insecure Credential Storage. The vulnerability is due to the backend form reloading when creating new backend user accounts, potentially persisting records with insecure or empty...

7AI Score

2024-06-17 09:18 AM
rosalinux

Advisory ROSA-SA-2024-2433

software: emacs 28.1 WASP: ROSA-CHROME package_evr_string: emacs-28.1-5 CVE-ID: CVE-2022-48339 BDU-ID: None CVE-Crit: N/A CVE-DESC.: A problem was discovered in GNU Emacs. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and srcdir...

9.8CVSS

7.9AI Score

0.002EPSS

2024-06-17 09:05 AM
veracode

Privilege Escalation

silverstripe/framework is vulnerable to Privilege Escalation. The vulnerability is due to the CMS Fields for members being constructed using DirectGroups instead of Groups relation. The vulnerability allows an attacker with EDIT_PERMISSIONS and access to the "Security" section to escalate their...

7.3AI Score

2024-06-17 09:03 AM
veracode

Insufficient Entropy

zendframework/zend-captcha is vulnerable to Insufficient Entropy. The vulnerability is due to the use of PHP's array_rand() function, which does not generate sufficient entropy, leading to predictable CAPTCHA words. The attacker can potentially brute force the CAPTCHA words by exploiting the weak...

7AI Score

2024-06-17 08:50 AM
veracode

Improper Authentication

zendframework/zendopenid is vulnerable to Improper Authentication. The vulnerability is due to insufficient parameter validation resulting in accepting tokens with arbitrary signed elements. An attacker can impersonate any OpenID Identity by using a malicious OpenID Provider, resulting in...

7.3AI Score

2024-06-17 08:43 AM
openbugbounty

ermis-suites.gr Cross Site Scripting vulnerability OBB-3935826

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 08:40 AM
5
veracode

Cross-site Scripting (XSS)

TYPO3 is vulnerable to cross-site scripting (XSS). The vulnerability is due to templates using built-in Fluid ViewHelpers which fail to properly encode user...

6.4AI Score

2024-06-17 08:39 AM
1
openbugbounty

typet.gr Cross Site Scripting vulnerability OBB-3935825

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-17 08:39 AM
4
openbugbounty

codepromo-rtbf-be.digidip.net Open Redirect vulnerability OBB-3935824

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

7AI Score

2024-06-17 08:37 AM
4
ibm

Security Bulletin: IBM Maximo Application Suite uses jose-2.0.6.tgz which is vulnerable to CVE-2024-28176.

Summary: Security Bulletin: IBM Maximo Application Suite uses jose-2.0.6.tgz which is vulnerable to CVE-2024-28176. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details: CVEID: CVE-2024-28176 DESCRIPTION: Node.js jose module is vulnerable to a...

4.9CVSS

7AI Score

0.0004EPSS

2024-06-17 08:34 AM
openbugbounty

forumanti-crisefr.digidip.net Open Redirect vulnerability OBB-3935823

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

7AI Score

2024-06-17 08:33 AM
4
osv

Malicious code in @corraldev/cli (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (2ce1f827fc48514e74b4bd81dc008359f2284ff02be068cbae81851f6e2056ea) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2024-06-17 08:32 AM
osv

Malicious code in corraldev-activationsvc (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (783e4eb475d74b1b4adc4aa4851393ded5ef222b3779734a8b1e4fe125605c6d) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2024-06-17 08:32 AM
ibm

Security Bulletin: IBM Maximo Application Suite uses follow-redirects-1.15.4.tgz which is vulnerable to CVE-2024-28849

Summary: IBM Maximo Application Suite uses follow-redirects-1.15.4.tgz which is vulnerable to CVE-2024-28849. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details: CVEID: CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow a...

6.5CVSS

6.4AI Score

0.0004EPSS

2024-06-17 08:31 AM
1
Total number of security vulnerabilities: 2968778