layout-pcb-design.com Cross Site Scripting vulnerability OBB-3939594
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
uhu.es Cross Site Scripting vulnerability OBB-3939590
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
emmalemasson.fr Cross Site Scripting vulnerability OBB-3939589
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
laganggps.ca Cross Site Scripting vulnerability OBB-3939588
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
tnbnewyearseve.bpt.me Cross Site Scripting vulnerability OBB-3939562
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2022-3857 affecting package syslinux 6.04-10
CVE-2022-3857 affecting package syslinux 6.04-10. No patch is available...
5.5CVSS
5.5AI Score
0.001EPSS
CVE-2022-43552 affecting package cmake 3.21.4-10
CVE-2022-43552 affecting package cmake 3.21.4-10. No patch is available...
5.9CVSS
8AI Score
0.001EPSS
CVE-2023-23916 affecting package cmake 3.21.4-10
CVE-2023-23916 affecting package cmake 3.21.4-10. No patch is available...
6.5CVSS
8.3AI Score
0.001EPSS
CVE-2023-23915 affecting package cmake 3.21.4-10
CVE-2023-23915 affecting package cmake 3.21.4-10. No patch is available...
6.5CVSS
8AI Score
0.001EPSS
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
pabodie.com Cross Site Scripting vulnerability OBB-3939543
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
ludinantes.fr Cross Site Scripting vulnerability OBB-3939537
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length...
6.7AI Score
0.0004EPSS
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the...
6.6AI Score
0.0004EPSS
This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure TPMS_ATTEST. For the field TPM2_GENERATED magic of this structure any number can.....
4.3CVSS
6.8AI Score
0.0004EPSS
Buffer Overflow vulnerability in DCMTK v.3.6.8 allows an attacker to execute arbitrary code via the EctEnhancedCT method...
7.9AI Score
0.0004EPSS
Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data
The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has...
7.8CVSS
7.5AI Score
0.974EPSS
tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...
9CVSS
9AI Score
0.0004EPSS
Grafana XSS in header column rename in github.com/grafana/grafana
Grafana XSS in header column rename in...
6.1CVSS
5.8AI Score
0.005EPSS
Apache Answer Race Condition vulnerability in github.com/apache/incubator-answer
Apache Answer Race Condition vulnerability in...
3.1CVSS
6.7AI Score
0.001EPSS
Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation in...
8.8CVSS
7.2AI Score
0.001EPSS
tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This issue was patched in version...
4.3CVSS
6.8AI Score
0.0004EPSS
msmt.gov.cz Cross Site Scripting vulnerability OBB-3939457
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
ottozeus.com Cross Site Scripting vulnerability OBB-3939437
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
tuner.fdnetwork.com.au Cross Site Scripting vulnerability OBB-3939418
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
projects.fdnetwork.com.au Cross Site Scripting vulnerability OBB-3939416
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
proxy.fdnetwork.com.au Cross Site Scripting vulnerability OBB-3939417
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
install.fdnetwork.com.au Cross Site Scripting vulnerability OBB-3939415
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
file.fdnetwork.com.au Cross Site Scripting vulnerability OBB-3939414
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bvs.sa.cr Cross Site Scripting vulnerability OBB-3939413
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
fisica.unam.mx Cross Site Scripting vulnerability OBB-3939411
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
domus.am Cross Site Scripting vulnerability OBB-3939409
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
endmemo.com Cross Site Scripting vulnerability OBB-3939404
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
worldhistorymaps.info Cross Site Scripting vulnerability OBB-3939378
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
vitoriasc.pt Cross Site Scripting vulnerability OBB-3939354
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Certain HP PC BIOS Logo Vulnerabilities
Potential security vulnerabilities, known as LogoFAIL, have been reported in the AMI BIOS and the Insyde BIOS used in certain HP PC products, which might allow escalation of privilege, arbitrary code execution, denial of service, information disclosure, and/or data tampering. AMI and Insyde are...
7.8CVSS
7.8AI Score
0.0004EPSS
Intel Chipset Device Software May 2024 Security Update
Intel has informed HP of a potential security vulnerability in some Intel® Chipset Device Software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...
6.7CVSS
7.1AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
Debian dla-3847 : dcmtk - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3847 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3847-1 [email protected] ...
7.5CVSS
7.2AI Score
0.003EPSS
In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the...
7AI Score
0.0004EPSS
In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alternative Name fields in TLS certificates are incorrectly allowed to have a special meaning in regular expressions (such as a + wildcard), leading to name confusion in X.509 certificate host...
6.6AI Score
0.0004EPSS
NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and...
7.7AI Score
0.0004EPSS
CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to...
6.6AI Score
0.0004EPSS
A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at...
6.6AI Score
0.0004EPSS
Decoding OWASP – A Security Engineer’s Roadmap to Application Security
In a time where over 60% of data breaches are linked to software vulnerabilities and a single overlooked software vulnerability can expose sensitive data, the imperative of robust application security cannot be overstated. The 2023 IBM Security Cost of a Data Breach Report highlights that...
8.4AI Score
Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at...
6.6AI Score
0.0004EPSS