acestampauctions.com Cross Site Scripting vulnerability OBB-3935316
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
vdvloknya.ucoz.ru Cross Site Scripting vulnerability OBB-3935312
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
shinozaki4chome.dr-kanjuku.net Cross Site Scripting vulnerability OBB-3935308
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
nishikoiwa.dr-kanjuku.net Cross Site Scripting vulnerability OBB-3935302
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
nazgull.ucoz.ru Cross Site Scripting vulnerability OBB-3935301
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
ichikawasoya.dr-kanjuku.net Cross Site Scripting vulnerability OBB-3935296
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
stampedesevens.com Cross Site Scripting vulnerability OBB-3935282
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Exploit for Deserialization of Untrusted Data in Clear Clearml
ClearML Exploit Script This repository contains a Python...
8.8CVSS
7.5AI Score
0.001EPSS
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...
9.8CVSS
9.8AI Score
0.001EPSS
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...
6.4CVSS
6.8AI Score
0.0004EPSS
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...
6.4CVSS
0.0004EPSS
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...
9.8CVSS
0.001EPSS
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the display function. This makes it possible for authenticated attackers, with contributor access and higher, to include and...
6.4CVSS
0.0004EPSS
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...
9.8CVSS
0.001EPSS
The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the...
9.8CVSS
8.2AI Score
0.001EPSS
Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written...
7.8CVSS
8.6AI Score
0.076EPSS
ecoparksg.com Cross Site Scripting vulnerability OBB-3935280
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
hd-hvs.com Cross Site Scripting vulnerability OBB-3935279
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'display_ticket_themes_page' function in versions up to, and including, 1.19.20. This makes it possible for authenticated attackers with...
7.1CVSS
0.001EPSS
The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'display_ticket_themes_page' function in versions up to, and including, 1.19.20. This makes it possible for authenticated attackers with...
7.1CVSS
7.2AI Score
0.001EPSS
The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'display_ticket_themes_page' function in versions up to, and including, 1.19.20. This makes it possible for authenticated attackers with...
7.1CVSS
0.001EPSS
Debian dsa-5711 : thunderbird - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5711 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5711-1 [email protected] ...
7.5AI Score
0.0004EPSS
Debian dla-3828 : atril - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3828 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3828-1 [email protected] ...
9.6CVSS
9.1AI Score
0.005EPSS
SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2024:2031-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2031-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated...
8.3CVSS
8.7AI Score
0.0004EPSS
Malicious code in @cart-ui/core-i18n (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (89568273084fef75464b1c975014417bf122a818685035e43012bb1ff5c3ba33) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7.2AI Score
hamiltonhousepublishers.gr Cross Site Scripting vulnerability OBB-3935274
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
ippofaes.gr Cross Site Scripting vulnerability OBB-3935273
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Metasploit Weekly Wrap-Up 06/14/2024
New module content (5) Telerik Report Server Auth Bypass Authors: SinSinology and Spencer McIntyre Type: Auxiliary Pull request: #19242 contributed by zeroSteiner Path: scanner/http/telerik_report_server_auth_bypass AttackerKB reference: CVE-2024-4358 Description: This adds an exploit for...
9.9CVSS
8.2AI Score
0.938EPSS
fotsi.gr Cross Site Scripting vulnerability OBB-3935268
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
plus613.com Cross Site Scripting vulnerability OBB-3935267
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
linux-azure, linux-gke vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Zheng Wang discovered that the...
7.8CVSS
8.3AI Score
0.0005EPSS
Truist bank confirms data breach
On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name "Sp1d3r" offered a significant amount of data allegedly stolen from Truist Bank for sale. Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets,....
7.7AI Score
lasercutting.gr Cross Site Scripting vulnerability OBB-3935263
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
restobarguide.com Cross Site Scripting vulnerability OBB-3935262
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
yoweby.com Cross Site Scripting vulnerability OBB-3935261
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
acoc.group Cross Site Scripting vulnerability OBB-3935260
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network....
7.4CVSS
6.7AI Score
0.001EPSS
An update is available for booth. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Booth cluster ticket manager is a component to bridge high availability...
7.4CVSS
7.2AI Score
0.001EPSS
Moderate: podman security and bug fix update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: podman: jose-go: improper handling of highly compressed data (CVE-2024-28180) podman:...
4.9CVSS
7.1AI Score
0.0005EPSS
buildah security and bug fix update
An update is available for buildah. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The buildah package provides a tool for facilitating building OCI container.....
4.9CVSS
6.4AI Score
0.0005EPSS
Moderate: buildah security and bug fix update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
4.9CVSS
7.2AI Score
0.0005EPSS
podman security and bug fix update
An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of....
4.9CVSS
5.5AI Score
0.0005EPSS
familiesmentoringfamilies.org Cross Site Scripting vulnerability OBB-3935259
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
An update is available for booth. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Booth cluster ticket manager is a component to bridge high availability...
7.4CVSS
7.2AI Score
0.001EPSS
Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network....
7.4CVSS
7.6AI Score
0.001EPSS
Image builder components bug fix, enhancement and security update
An update is available for osbuild, osbuild-composer. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Image Builder is a service for building customized OS...
6.1CVSS
6.5AI Score
0.0004EPSS
Moderate: Image builder components bug fix, enhancement and security update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): osbuild-composer: race condition may disable GPG verification for package repositories (CVE-2024-2307) For more details about the security...
6.1CVSS
6.9AI Score
0.0004EPSS
Learn to Secure Petabyte-Scale Data in a Webinar with Industry Titans
Data is growing faster than ever. Remember when petabytes (that's 1,000,000 gigabytes!) were only for tech giants? Well, that's so last decade! Today, businesses of all sizes are swimming in petabytes. But this isn't just about storage anymore. This data is ALIVE—it's constantly accessed,...
7.1AI Score
The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...
8.8CVSS
8.9AI Score
0.001EPSS
The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...
8.8CVSS
0.001EPSS