Lucene search

K

F-Secure Endpoint Protection Products On Mac, F-Secure Linux Security (32-bit), F-Secure Linux Security 64, F-Secure Atlant, F-Secure Internet Gatekeeper & F-Secure Security Cloud Security Vulnerabilities

cvelist
cvelist

CVE-2024-0066

Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may expose sensitive traffic between the client (Axis device) and (O3C) server. If O3C is not being used this flaw does not apply. Axis has released patched AXIS OS versions for the highlighted flaw. Please...

5.3CVSS

0.0004EPSS

2024-06-18 06:10 AM
3
cvelist
cvelist

CVE-2024-34024

Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or...

0.0004EPSS

2024-06-18 05:44 AM
4
cvelist
cvelist

CVE-2024-33620

Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote...

0.0004EPSS

2024-06-18 05:44 AM
2
cvelist
cvelist

CVE-2024-33622

Missing authentication for critical function vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, sensitive information may be obtained and/or the information stored in the database may be altered by a remote authenticated...

0.0004EPSS

2024-06-18 05:44 AM
2
cvelist
cvelist

CVE-2024-37081

The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server...

7.8CVSS

0.0004EPSS

2024-06-18 05:43 AM
4
cvelist
cvelist

CVE-2023-5527 Business Directory Plugin <= 6.4.3 - Authenticated (Author+) CSV Injection

The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 6.4.3 via the class-csv-exporter.php file. This allows authenticated attackers, with author-level permissions and above, to embed untrusted input into CSV files exported by...

7.4CVSS

0.001EPSS

2024-06-18 05:38 AM
1
redhatcve
redhatcve

CVE-2024-38394

Mismatches in interpreting USB authorization policy between GNOME Settings Daemon (GSD) through 46.0 and the Linux kernel's underlying device matching logic allow a physically proximate attacker to access some unintended Linux kernel USB functionality, such as USB device-specific kernel modules...

6.8AI Score

0.0004EPSS

2024-06-18 05:07 AM
2
redhatcve
redhatcve

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host...

6.8AI Score

0.0004EPSS

2024-06-18 05:07 AM
1
redhatcve
redhatcve

CVE-2024-36600

Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image...

7.8AI Score

0.0004EPSS

2024-06-18 05:07 AM
1
cve
cve

CVE-2024-5860

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tc_dl_delete_tickets AJAX action in all versions up to, and including, 3.5.2.8. This makes it possible for authenticated attackers, with Subscriber-level....

4.3CVSS

6.5AI Score

0.0004EPSS

2024-06-18 04:15 AM
4
nvd
nvd

CVE-2024-5860

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tc_dl_delete_tickets AJAX action in all versions up to, and including, 3.5.2.8. This makes it possible for authenticated attackers, with Subscriber-level....

4.3CVSS

0.0004EPSS

2024-06-18 04:15 AM
4
openbugbounty
openbugbounty

ehcanadatravel.com Cross Site Scripting vulnerability OBB-3936039

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:40 AM
6
openbugbounty
openbugbounty

efihardware.com Cross Site Scripting vulnerability OBB-3936038

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:38 AM
5
openbugbounty
openbugbounty

efhca.com Cross Site Scripting vulnerability OBB-3936037

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:37 AM
5
openbugbounty
openbugbounty

efficacemente.com Cross Site Scripting vulnerability OBB-3936036

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:36 AM
6
openbugbounty
openbugbounty

educativo.net Cross Site Scripting vulnerability OBB-3936034

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:34 AM
4
openbugbounty
openbugbounty

editorajc.com.br Cross Site Scripting vulnerability OBB-3936033

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:33 AM
5
openbugbounty
openbugbounty

easytourchina.com Cross Site Scripting vulnerability OBB-3936030

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:29 AM
5
openbugbounty
openbugbounty

eastmanjohnson.org Cross Site Scripting vulnerability OBB-3936029

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:28 AM
3
openbugbounty
openbugbounty

dugdalebros.com Cross Site Scripting vulnerability OBB-3936027

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:24 AM
4
openbugbounty
openbugbounty

drraoof.com Cross Site Scripting vulnerability OBB-3936025

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:18 AM
3
openbugbounty
openbugbounty

drdarjdental.com Cross Site Scripting vulnerability OBB-3936024

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:18 AM
4
openbugbounty
openbugbounty

dr-tschauder.de Cross Site Scripting vulnerability OBB-3936023

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:16 AM
3
cve
cve

CVE-2024-5541

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ibtana_visual_editor_register_ajax_json_endpont' function in all versions up to, and including, 1.2.3.3. This makes it possible for...

5.3CVSS

5.2AI Score

0.001EPSS

2024-06-18 03:15 AM
3
nvd
nvd

CVE-2024-5541

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ibtana_visual_editor_register_ajax_json_endpont' function in all versions up to, and including, 1.2.3.3. This makes it possible for...

5.3CVSS

0.001EPSS

2024-06-18 03:15 AM
2
cve
cve

CVE-2024-0845

The PDF Viewer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the render function in all versions up to, and including, 2.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level.....

6.4CVSS

5.8AI Score

0.001EPSS

2024-06-18 03:15 AM
1
nvd
nvd

CVE-2024-1634

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated attackers to...

6.5CVSS

0.0005EPSS

2024-06-18 03:15 AM
4
cve
cve

CVE-2024-1634

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated attackers to...

6.5CVSS

6.3AI Score

0.0005EPSS

2024-06-18 03:15 AM
2
nvd
nvd

CVE-2024-4375

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_layer' shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'css_id' user supplied attribute. This.....

6.4CVSS

0.0004EPSS

2024-06-18 03:15 AM
4
cve
cve

CVE-2024-4375

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_layer' shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'css_id' user supplied attribute. This.....

6.4CVSS

5.7AI Score

0.0004EPSS

2024-06-18 03:15 AM
3
nvd
nvd

CVE-2024-0845

The PDF Viewer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the render function in all versions up to, and including, 2.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level.....

6.4CVSS

0.001EPSS

2024-06-18 03:15 AM
3
cvelist
cvelist

CVE-2024-5860 Tickera <= 3.5.2.8 - Missing Authorization to Authenticated (Susbcriber+) Ticket Deletion

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tc_dl_delete_tickets AJAX action in all versions up to, and including, 3.5.2.8. This makes it possible for authenticated attackers, with Subscriber-level....

4.3CVSS

0.0004EPSS

2024-06-18 03:13 AM
3
openbugbounty
openbugbounty

dpchallenge.com Cross Site Scripting vulnerability OBB-3936022

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:13 AM
openbugbounty
openbugbounty

doctoralizadeh.com Cross Site Scripting vulnerability OBB-3936021

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:09 AM
1
openbugbounty
openbugbounty

divephotoguide.com Cross Site Scripting vulnerability OBB-3936020

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:06 AM
openbugbounty
openbugbounty

diu-minnezit.de Cross Site Scripting vulnerability OBB-3936019

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:05 AM
2
openbugbounty
openbugbounty

digitalartsandentertainment.be Cross Site Scripting vulnerability OBB-3936015

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 03:01 AM
2
openbugbounty
openbugbounty

dgb-courtage.com Cross Site Scripting vulnerability OBB-3936013

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 02:59 AM
2
openbugbounty
openbugbounty

dentalphotomaster.com Cross Site Scripting vulnerability OBB-3936010

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 02:56 AM
2
openbugbounty
openbugbounty

delmarvapain.com Cross Site Scripting vulnerability OBB-3936009

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 02:55 AM
2
openbugbounty
openbugbounty

delinat.com Cross Site Scripting vulnerability OBB-3936008

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-18 02:54 AM
2
cvelist
cvelist

CVE-2024-5541 Ibtana - WordPress Website Builder <= 1.2.3.3 - Unauthenticated reCAPTCHA Settings Update

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ibtana_visual_editor_register_ajax_json_endpont' function in all versions up to, and including, 1.2.3.3. This makes it possible for...

5.3CVSS

0.001EPSS

2024-06-18 02:37 AM
2
cvelist
cvelist

CVE-2024-1634 Scheduling Plugin – Online Booking for WordPress <= 3.5.10 - Missing Authorization to Unauthenticated Service Disconnection

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated attackers to...

6.5CVSS

0.0005EPSS

2024-06-18 02:37 AM
1
cvelist
cvelist

CVE-2024-4375 Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_layer' shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'css_id' user supplied attribute. This.....

6.4CVSS

0.0004EPSS

2024-06-18 02:37 AM
2
cve
cve

CVE-2024-38264

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-18 12:49 AM
6
cve
cve

CVE-2024-27256

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-18 12:49 AM
3
nessus
nessus

Oracle Linux 9 : firefox (ELSA-2024-3955)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3955 advisory. [115.12.0-1.0.1] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [115.12.0-1] - Update to 115.12.0 build1 Tenable has...

7.5AI Score

2024-06-18 12:00 AM
openvas
openvas

Ubuntu: Security Advisory (USN-6837-1)

The remote host is missing an update for...

7.5CVSS

5.8AI Score

0.001EPSS

2024-06-18 12:00 AM
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0227)

The remote host is missing an update for...

4.4CVSS

7.1AI Score

0.0004EPSS

2024-06-18 12:00 AM
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:2033-1)

The remote host is missing an update for...

7.5CVSS

7.7AI Score

0.05EPSS

2024-06-18 12:00 AM
Total number of security vulnerabilities2968778