6.7AI Score
0.019EPSS
bsb.as Cross Site Scripting vulnerability OBB-3931956
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ajax_load_more shortcode in versions up to, and including, 7.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,.....
5.9AI Score
footballniagara.com Cross Site Scripting vulnerability OBB-3931954
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Social Profiles widget in all versions up to, and including, 3.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
5.9AI Score
helensdeli.com Cross Site Scripting vulnerability OBB-3931953
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
leblanccontracting.ca Cross Site Scripting vulnerability OBB-3931952
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
6.5AI Score
0.019EPSS
[SECURITY] Fedora 39 Update: python3.6-3.6.15-28.fc39
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software.....
7.4AI Score
0.0005EPSS
[SECURITY] Fedora 39 Update: python-jinja2-3.1.4-1.fc39
Jinja2 is a template engine written in pure Python. It provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. If you have any exposure to other text-based template languages, such as Smarty or Django, you should feel right at home with...
7.2AI Score
0.0004EPSS
webmaster-freelance-paris.fr Cross Site Scripting vulnerability OBB-3931951
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
site-internet-pas-cher.eu Cross Site Scripting vulnerability OBB-3931950
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
lalambresienne.fr Cross Site Scripting vulnerability OBB-3931949
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-3254)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3254 advisory. aardvark-dns buildah [2:1.33.7-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 ...
7.4AI Score
7.4AI Score
7AI Score
0.004EPSS
Fedora 39 : python3.6 (2024-18b9c9b9cf)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-18b9c9b9cf advisory. Security fix for CVE-2024-0450 and CVE-2023-6597 Tenable has extracted the preceding description block directly from the Fedora security advisory....
7AI Score
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : Java (SUSE-SU-2024:1874-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1874-1 advisory. This update for Java fixes thefollowing issues: apiguardian was updated to vesion 1.1.2: - Added...
8.1AI Score
7.1AI Score
0.013EPSS
7.1AI Score
0.008EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1882-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1882-1 advisory. - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata ...
7AI Score
SUSE SLES15 Security Update : gstreamer-plugins-base (SUSE-SU-2024:1886-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1886-1 advisory. - CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata (bsc#1224806) Tenable has extracted...
7AI Score
Oracle Linux 8 : idm:DL1 / and / idm:client (ELSA-2024-3267)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3267 advisory. bind-dyndb-ldap custodia ipa [4.9.13-9.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [9.4.13-9] - dcerpc:...
7.3AI Score
Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2024-3253)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3253 advisory. hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt [8.0.0-23.1.0.1] - Set SOURCE_DATE_EPOCH from changelog...
8AI Score
Oracle Linux 8 : go-toolset:ol8 (ELSA-2024-3259)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3259 advisory. delve golang [1.21.9-1] - Fix CVE-2023-45288 - Resolves: RHEL-31915 go-toolset [1.21.9-1] - Fix CVE-2023-45288 - Resolves: RHEL-31915 ...
7.5AI Score
Fedora 39 : python-jinja2 (2024-ce7649d28e)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-ce7649d28e advisory. Update to 3.1.4 (rhbz#2279211,rhbz#2279491) Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
7.4AI Score
7.4AI Score
outdooractive.com Cross Site Scripting vulnerability OBB-3931948
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the...
6.6AI Score
libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the...
7AI Score
6.3AI Score
0.019EPSS
continentalpancakehouse.com Cross Site Scripting vulnerability OBB-3931947
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
niagarafallsoptimist.ca Cross Site Scripting vulnerability OBB-3931946
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
luposlittleeataly.com Cross Site Scripting vulnerability OBB-3931945
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
queenscoachrestaurant.com Cross Site Scripting vulnerability OBB-3931944
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
svabinsurance.com Cross Site Scripting vulnerability OBB-3931943
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
hoopsalytics.com Cross Site Scripting vulnerability OBB-3931942
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-34008 moodle: CSRF risk in analytics management of models
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF...
6.9AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore wiki modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle webroot could execute a local file...
7AI Score
7.2AI Score
0.0004EPSS
CVE-2024-34001 moodle: CSRF risk in admin preset tool management of presets
Actions in the admin preset tool did not include the necessary token to prevent a CSRF...
6.9AI Score
yardmastersniagara.com Cross Site Scripting vulnerability OBB-3931941
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
summerofloveconcert.com Cross Site Scripting vulnerability OBB-3931940
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
italianicecream.ca Cross Site Scripting vulnerability OBB-3931938
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
riverrapidsinn.com Cross Site Scripting vulnerability OBB-3931937
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
greekonportage.com Cross Site Scripting vulnerability OBB-3931936
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
daverotella.com Cross Site Scripting vulnerability OBB-3931935
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score