Lucene search

K

Goolytics – Simple Google Analytics Security Vulnerabilities

osv
osv

CGA-rxr7-qjj9-xf8j

Bulletin has no...

5.8AI Score

2024-06-25 02:09 PM
osv
osv

CGA-jr43-5p8x-5hw3

Bulletin has no...

5.8AI Score

2024-06-25 02:09 PM
osv
osv

CGA-hh84-2wfx-r9gj

Bulletin has no...

5.8AI Score

2024-06-25 02:09 PM
osv
osv

CGA-gmc4-4vrp-848q

Bulletin has no...

5.8AI Score

2024-06-25 02:04 PM
osv
osv

CGA-87rr-22r2-g8x6

Bulletin has no...

7.2AI Score

2024-06-25 02:04 PM
osv
osv

CGA-cm7c-wjqw-rp4x

Bulletin has no...

5.8AI Score

2024-06-25 02:04 PM
osv
osv

CGA-598r-p58j-7rqf

Bulletin has no...

5.8AI Score

2024-06-25 02:04 PM
osv
osv

CGA-4xr7-qfjp-f5x2

Bulletin has no...

5.8AI Score

2024-06-25 02:04 PM
osv
osv

CGA-4xx5-vp4r-9vwm

Bulletin has no...

5.8AI Score

2024-06-25 02:04 PM
osv
osv

CGA-4vmm-7hrf-9rx6

Bulletin has no...

5.8AI Score

2024-06-25 02:04 PM
osv
osv

CGA-2jpm-8hrp-3x75

Bulletin has no...

5.8AI Score

2024-06-25 02:04 PM
osv
osv

CGA-2gpx-j9wf-x7gf

Bulletin has no...

5.8AI Score

2024-06-25 02:04 PM
osv
osv

CGA-w7pc-vv6c-4fmm

Bulletin has no...

5.8AI Score

2024-06-25 01:04 PM
osv
osv

CGA-vwqx-qf6m-p26p

Bulletin has no...

5.8AI Score

2024-06-25 01:04 PM
osv
osv

CGA-j2qw-2x9r-mg22

Bulletin has no...

5.8AI Score

2024-06-25 01:04 PM
osv
osv

CGA-5vrr-fvvw-xjq3

Bulletin has no...

5.8AI Score

2024-06-25 01:04 PM
kitploit
kitploit

CloudBrute - Awesome Cloud Enumerator

A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. The complete writeup is available. here...

7.2AI Score

2024-06-25 12:30 PM
2
osv
osv

BIT-opencart-2024-21515

This affects versions of the package opencart/opencart from 4.0.0-0. A reflected XSS issue was identified in the filename parameter of the admin tool/log route. An attacker could obtain a user's token by tricking the user to click on a maliciously crafted URL. The user is then prompted to login...

4.7CVSS

5AI Score

0.0005EPSS

2024-06-25 11:58 AM
osv
osv

BIT-opencart-2024-21516

This affects versions of the package opencart/opencart from 4.0.0-0. A reflected XSS issue was identified in the directory parameter of admin common/filemanager.list route. An attacker could obtain a user's token by tricking the user to click on a maliciously crafted URL. The user is then prompted....

4.7CVSS

5AI Score

0.0005EPSS

2024-06-25 11:58 AM
osv
osv

BIT-opencart-2024-21517

This affects versions of the package opencart/opencart from 4.0.0-0. A reflected XSS issue was identified in the redirect parameter of customer account/login route. An attacker can inject arbitrary HTML and Javascript into the page response. As this vulnerability is present in the account...

6.1CVSS

6.1AI Score

0.0005EPSS

2024-06-25 11:58 AM
osv
osv

BIT-opencart-2024-21518

This affects versions of the package opencart/opencart from 4.0.0-0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An...

7.2CVSS

7AI Score

0.001EPSS

2024-06-25 11:57 AM
osv
osv

BIT-opencart-2024-21519

This affects versions of the package opencart/opencart from 4.0.0-0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename (including....

7.2CVSS

7.2AI Score

0.0005EPSS

2024-06-25 11:57 AM
ibm
ibm

Security Bulletin: Apache James and Bouncy Castle vulnerabilities in Apache Solr and Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2023-33202,CVE-2024-21742,CVE-2024-29857,CVE-2024-30172,CVE-2024-34447)

Summary There are potential denial of service and bypass security restrictions vulnerabilities in Apache James Mime4J and Bouncy Castle Crypto Package, which are used by Apache Solr and Logstash in IBM Operations Analytics - Log Analysis Vulnerability Details ** CVEID: CVE-2024-34447 DESCRIPTION:.....

5.5CVSS

7.9AI Score

EPSS

2024-06-25 10:21 AM
1
ibm
ibm

Security Bulletin: ThreeTen Backport vulnerability has been identified in Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2024-23081,CVE-2024-23082)

Summary There is a potential denial of service vulnerability in ThreeTen Backport that is used by Apache Solr in IBM Operations Analytics - Log Analysis Vulnerability Details ** CVEID: CVE-2024-23082 DESCRIPTION: **ThreeTen Backport is vulnerable to a denial of service, caused by an integer...

7.7AI Score

0.0004EPSS

2024-06-25 10:08 AM
osv
osv

CGA-96qq-mr6v-8845

Bulletin has no...

7.2AI Score

2024-06-25 09:49 AM
1
ibm
ibm

Security Bulletin: Apache Commons Configuration vulnerability has been identified in Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2024-29131,CVE-2024-29133)

Summary There is a potential out-of-bounds write vulnerability in Apache Commons Configuration that is used by Apache Solr in IBM Operations Analytics - Log Analysis Vulnerability Details ** CVEID: CVE-2024-29131 DESCRIPTION: **Apache Commons Configuration could allow a remote attacker to execute.....

8.4AI Score

0.0004EPSS

2024-06-25 09:10 AM
1
osv
osv

Malicious code in fing-react-components (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (4e606602dc2c4b6d0550d90156a68cf31799054412bac90062d266e5bcad3d76) The OpenSSF Package Analysis project identified 'fing-react-components' @ 1.15.0 (npm) as malicious. It is considered malicious because: The...

7.1AI Score

2024-06-25 07:40 AM
2
osv
osv

linux-5.10 - security update

Bulletin has no...

7.8CVSS

8.1AI Score

EPSS

2024-06-25 12:00 AM
osv
osv

org-mode - security update

Bulletin has no...

6.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-1846)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do...

6.8AI Score

EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1837)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-25 12:00 AM
3
osv
osv

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-25 12:00 AM
osv
osv

linux-5.10 - security update

Bulletin has no...

8CVSS

8.5AI Score

0.0005EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : ruby (EulerOS-SA-2024-1825)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do...

6.8AI Score

EPSS

2024-06-25 12:00 AM
osv
osv

Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

7.8CVSS

7.6AI Score

0.0005EPSS

2024-06-25 12:00 AM
osv
osv

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to...

9CVSS

9.1AI Score

0.001EPSS

2024-06-25 12:00 AM
nessus
nessus

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1816)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating...

7.8CVSS

7.7AI Score

0.0004EPSS

2024-06-25 12:00 AM
3
osv
osv

Important: git security update

Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to...

9CVSS

9.1AI Score

0.001EPSS

2024-06-25 12:00 AM
osv
osv

emacs - security update

Bulletin has no...

6.5AI Score

0.0004EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-1846)

The remote host is missing an update for the Huawei...

7.5AI Score

EPSS

2024-06-25 12:00 AM
openvas
openvas

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-1825)

The remote host is missing an update for the Huawei...

7.5AI Score

EPSS

2024-06-25 12:00 AM
osv
osv

linux - security update

Bulletin has no...

7.8CVSS

8.8AI Score

EPSS

2024-06-25 12:00 AM
osv
osv

linux-5.10 - security update

Bulletin has no...

7.8CVSS

7.8AI Score

0.0005EPSS

2024-06-25 12:00 AM
debiancve
debiancve

CVE-2024-6292

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

7.1AI Score

0.0004EPSS

2024-06-24 10:15 PM
nvd
nvd

CVE-2024-6293

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

0.0004EPSS

2024-06-24 10:15 PM
9
cve
cve

CVE-2024-6291

Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

7.1AI Score

0.0004EPSS

2024-06-24 10:15 PM
10
nvd
nvd

CVE-2024-6292

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

0.0004EPSS

2024-06-24 10:15 PM
6
debiancve
debiancve

CVE-2024-6291

Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

7.1AI Score

0.0004EPSS

2024-06-24 10:15 PM
3
cve
cve

CVE-2024-6290

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

7.1AI Score

0.0004EPSS

2024-06-24 10:15 PM
14
nvd
nvd

CVE-2024-6291

Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

0.0004EPSS

2024-06-24 10:15 PM
4
Total number of security vulnerabilities304787