hoopsalytics.com Cross Site Scripting vulnerability OBB-3931942
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of.....
7.2AI Score
Friday Squid Blogging: Baby Colossal Squid
This video might be a juvenile colossal squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...
7.2AI Score
CVE-2024-34009 moodle: ReCAPTCHA can be bypassed on the login page
Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is...
6.9AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore wiki modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
7.2AI Score
0.0004EPSS
yardmastersniagara.com Cross Site Scripting vulnerability OBB-3931941
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
summerofloveconcert.com Cross Site Scripting vulnerability OBB-3931940
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-33998 moodle: stored XSS via user's name on participants page when opening some options
Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some...
6AI Score
italianicecream.ca Cross Site Scripting vulnerability OBB-3931938
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
riverrapidsinn.com Cross Site Scripting vulnerability OBB-3931937
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
greekonportage.com Cross Site Scripting vulnerability OBB-3931936
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
daverotella.com Cross Site Scripting vulnerability OBB-3931935
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
eccdc.org Cross Site Scripting vulnerability OBB-3931934
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
yowdesign.com Cross Site Scripting vulnerability OBB-3931932
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2022-36765 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2022-36765 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1
CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2023-5115 affecting package ansible for versions less than 2.17.0-1
CVE-2023-5115 affecting package ansible for versions less than 2.17.0-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2023-5764 affecting package ansible for versions less than 2.17.0-1
CVE-2023-5764 affecting package ansible for versions less than 2.17.0-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2024-32487 affecting package less for versions less than 643-2
CVE-2024-32487 affecting package less for versions less than 643-2. A patched version of the package is...
7.3AI Score
0.0004EPSS
CVE-2024-31744 affecting package jasper for versions less than 4.2.1-2
CVE-2024-31744 affecting package jasper for versions less than 4.2.1-2. A patched version of the package is...
7.3AI Score
0.0004EPSS
CVE-2022-36764 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2022-36764 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2023-45234 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2023-45234 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2022-36763 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2022-36763 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2023-45231 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2023-45231 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2023-45232 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2023-45232 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.006EPSS
CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1
CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2024-24806 affecting package libuv for versions less than 1.48.0-1
CVE-2024-24806 affecting package libuv for versions less than 1.48.0-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2024-0690 affecting package ansible for versions less than 2.17.0-1
CVE-2024-0690 affecting package ansible for versions less than 2.17.0-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.8-1
CVE-2024-35176 affecting package rubygem-rexml for versions less than 3.2.8-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2024-4317 affecting package postgresql for versions less than 16.3-1
CVE-2024-4317 affecting package postgresql for versions less than 16.3-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2023-45233 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2023-45233 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.004EPSS
CVE-2024-0985 affecting package postgresql for versions less than 16.3-1
CVE-2024-0985 affecting package postgresql for versions less than 16.3-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2023-45229 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2023-45229 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1
CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2024-22017 affecting package libuv for versions less than 1.48.0-1
CVE-2024-22017 affecting package libuv for versions less than 1.48.0-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2022-4304 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2022-4304 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.002EPSS
CVE-2024-21646 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1
CVE-2024-21646 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.007EPSS
CVE-2023-45235 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2023-45235 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2023-45230 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2023-45230 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2023-45236 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2023-45236 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2023-45237 affecting package edk2 for versions less than 20240223gitedc6681206c1-1
CVE-2023-45237 affecting package edk2 for versions less than 20240223gitedc6681206c1-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
CVE-2024-26455 affecting package fluent-bit for versions less than 3.0.3-1
CVE-2024-26455 affecting package fluent-bit for versions less than 3.0.3-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.0004EPSS
CVE-2023-5870 affecting package postgresql for versions less than 16.3-1
CVE-2023-5870 affecting package postgresql for versions less than 16.3-1. An upgraded version of the package is available that resolves this...
7.3AI Score
0.001EPSS
excelsos.com.ar Cross Site Scripting vulnerability OBB-3931931
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
lcs-engineering.com Cross Site Scripting vulnerability OBB-3931930
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
institutchopin.com Cross Site Scripting vulnerability OBB-3931926
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score