Kaminari is a paginator for web app frameworks and object relational mappings. A security vulnerability involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This vulnerability is of moderate severity due....
6.8AI Score
CVE-2024-35219 OpenAPI Generator Online - Arbitrary File Read/Delete
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...
6.9AI Score
CVE-2024-32978 Kaminari Insecure File Permissions Vulnerability
Kaminari is a paginator for web app frameworks and object relational mappings. A security vulnerability involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This vulnerability is of moderate severity due....
6.6AI Score
Exploit for Deserialization of Untrusted Data in Vmware Spring For Apache Kafka
CVE-2023-34040 Spring Kafka Deserialization Remote Code...
7.8AI Score
0.0004EPSS
embed.datenportal-muensterland.de Cross Site Scripting vulnerability OBB-3931057
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
7.9AI Score
jba.in Cross Site Scripting vulnerability OBB-3931054
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Grup Arge Energy and Control Systems Smartpower allows SQL Injection.This issue affects Smartpower: through...
8.2AI Score
Exploit for OS Command Injection in Dolibarr Dolibarr Erp\/Crm
POC exploit for Dolibarr <= 17.0.0 (CVE-2023-30253) Reverse...
7.7AI Score
0.004EPSS
Exploit for OS Command Injection in Dolibarr Dolibarr Erp\/Crm
POC exploit for Dolibarr <= 17.0.0 (CVE-2023-30253) Reverse...
7.7AI Score
0.004EPSS
A flaw was found in Ghostscript. The "Driver" parameter for the "opvp"/"oprp" device specifies the name of a dynamic library and allows any library to be loaded. This flaw allows a malicious user to send a specially crafted document that, when processed by Ghostscript, could potentially lead to...
7AI Score
portal.akberlin.de Cross Site Scripting vulnerability OBB-3931053
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-0851 SQLi in Grup Arge Energy and Control Systems's Smartpower
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Grup Arge Energy and Control Systems Smartpower allows SQL Injection.This issue affects Smartpower: through...
7.9AI Score
configureNFS in lib/common/functions.sh in FOG through 1.5.10 allows local users to gain privileges by mounting a crafted NFS share (because of no_root_squash and insecure). In order to exploit the vulnerability, someone needs to mount an NFS share in order to add an executable file as root. In...
7AI Score
configureNFS in lib/common/functions.sh in FOG through 1.5.10 allows local users to gain privileges by mounting a crafted NFS share (because of no_root_squash and insecure). In order to exploit the vulnerability, someone needs to mount an NFS share in order to add an executable file as root. In...
7AI Score
In GNOME Shell through 45.2, unauthenticated remote code execution can be achieved by intercepting two DNS requests (GNOME Network Manager and GNOME Shell Portal Helper connectivity checks), and responding with attacker-specific IP addresses. This DNS hijacking causes GNOME Captive Portal to be...
8.3AI Score
ajisushiwindsor.com Cross Site Scripting vulnerability OBB-3931052
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
agsourcedm.com Cross Site Scripting vulnerability OBB-3931051
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
agrowinggarden.com Cross Site Scripting vulnerability OBB-3931050
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
agecalculator.me Cross Site Scripting vulnerability OBB-3931047
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
aerotec.info Cross Site Scripting vulnerability OBB-3931046
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function....
7.2AI Score
0.0004EPSS
cartney.nl Improper Access Control vulnerability OBB-3931043
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
actascientific.com Cross Site Scripting vulnerability OBB-3931042
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
accountingcrunchers.com Cross Site Scripting vulnerability OBB-3931039
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
carestino.com Improper Access Control vulnerability OBB-3931038
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
configureNFS in lib/common/functions.sh in FOG through 1.5.10 allows local users to gain privileges by mounting a crafted NFS share (because of no_root_squash and insecure). In order to exploit the vulnerability, someone needs to mount an NFS share in order to add an executable file as root. In...
7AI Score
cablelabs.com Improper Access Control vulnerability OBB-3931034
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
buyingasword.com Improper Access Control vulnerability OBB-3931033
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
calisson.com Improper Access Control vulnerability OBB-3931035
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
bodylogicmd.com Improper Access Control vulnerability OBB-3931031
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
borgognamonamour.it Improper Access Control vulnerability OBB-3931032
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
ergopraxis-mg.de Cross Site Scripting vulnerability OBB-3931028
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
blackupcosmetics.com Improper Access Control vulnerability OBB-3931026
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
educa.saludpublica.uchile.cl Cross Site Scripting vulnerability OBB-3931025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
blackarmoury.com Improper Access Control vulnerability OBB-3931023
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
erber-acryl.de Cross Site Scripting vulnerability OBB-3931022
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bjb-couteaux-thiers.com Improper Access Control vulnerability OBB-3931021
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
In GNOME Shell through 45.2, unauthenticated remote code execution can be achieved by intercepting two DNS requests (GNOME Network Manager and GNOME Shell Portal Helper connectivity checks), and responding with attacker-specific IP addresses. This DNS hijacking causes GNOME Captive Portal to be...
8.1AI Score
beerwarehouse.ca Improper Access Control vulnerability OBB-3931019
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
bauquip.com Improper Access Control vulnerability OBB-3931017
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
bebesaurus.com Improper Access Control vulnerability OBB-3931018
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
beethovenfm.cl Improper Access Control vulnerability OBB-3931020
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
bainbridgecurrents.com Improper Access Control vulnerability OBB-3931015
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
atelier-piscine.com Improper Access Control vulnerability OBB-3931012
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
astina.dk Improper Access Control vulnerability OBB-3931011
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
azam-escaliers.com Improper Access Control vulnerability OBB-3931014
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
atmosera.com Improper Access Control vulnerability OBB-3931013
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
silverstripe/framework is vulnerable to Improper URL Sanitization. The vulnerability is due to a lack of server-side URL sanitization in the "Add from URL" function, allowing potentially dangerous URLs to be...
7AI Score
artdubarbier.com Improper Access Control vulnerability OBB-3931005
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score