lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified in a jwt.decode call, HMAC verification is allowed with any asymmetric public key. (This is similar to CVE-2022-29217 and...
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs)....
5.3CVSS
lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified in a jwt.decode call, HMAC verification is allowed with any asymmetric public key. (This is similar to CVE-2022-29217 and...
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs)....
5.3CVSS
7.3AI Score
lindenberg-lagertechnik.de Cross Site Scripting vulnerability OBB-3934287
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
CVE-2024-5458 Filter bypass in filter_var (FILTER_VALIDATE_URL)
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs)....
5.3CVSS
CVE-2024-5458 Filter bypass in filter_var (FILTER_VALIDATE_URL)
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs)....
5.3CVSS
abraxas-stone-experts.com Cross Site Scripting vulnerability OBB-3934285
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
aimri.ae Cross Site Scripting vulnerability OBB-3934284
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
vit.com.br Cross Site Scripting vulnerability OBB-3934283
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
conwater.com Cross Site Scripting vulnerability OBB-3934282
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
stybelpeabody.com Cross Site Scripting vulnerability OBB-3934280
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
cranepartssupply.com Cross Site Scripting vulnerability OBB-3934279
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
jodecoglass.nl Cross Site Scripting vulnerability OBB-3934278
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
winel.nl Cross Site Scripting vulnerability OBB-3934277
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
greatminds.smartplayer.video Cross Site Scripting vulnerability OBB-3934276
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
CVE-2007-3205 affecting package php 7.4.14-3
CVE-2007-3205 affecting package php 7.4.14-3. This CVE either no longer is or was never...
6.9AI Score
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...
7.5CVSS
7AI Score
CVE-2016-2124 affecting package samba 4.12.5-6
CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...
5.9CVSS
6.8AI Score
CVE-2016-4912 affecting package openslp 2.0.0-26
CVE-2016-4912 affecting package openslp 2.0.0-26. No patch is available...
7.5CVSS
7.7AI Score
CVE-2007-6353 affecting package exiv2 0.28.0-1
CVE-2007-6353 affecting package exiv2 0.28.0-1. No patch is available...
6.4AI Score
CVE-2007-1397 affecting package fish 3.6.2-1
CVE-2007-1397 affecting package fish 3.6.2-1. This CVE either no longer is or was never...
6.5AI Score
CVE-2007-1397 affecting package fish 3.1.2-4
CVE-2007-1397 affecting package fish 3.1.2-4. This CVE either no longer is or was never...
7.5AI Score
CVE-2010-2642 affecting package t1lib 5.1.2-28
CVE-2010-2642 affecting package t1lib 5.1.2-28. No patch is available...
6.6AI Score
CVE-2007-3205 affecting package php 8.1.28-1
CVE-2007-3205 affecting package php 8.1.28-1. No patch is available...
6.7AI Score
CVE-2013-7381 affecting package libnotify 0.7.9-4
CVE-2013-7381 affecting package libnotify 0.7.9-4. This CVE either no longer is or was never...
9.8CVSS
7AI Score
CVE-2010-4756 affecting package glibc 2.35-7
CVE-2010-4756 affecting package glibc 2.35-7. This CVE either no longer is or was never...
6.4AI Score
CVE-2010-4226 affecting package cpio 2.13-5
CVE-2010-4226 affecting package cpio 2.13-5. This CVE either no longer is or was never...
6.8AI Score
CVE-2016-1000104 affecting package mod_fcgid 2.3.9-21
CVE-2016-1000104 affecting package mod_fcgid 2.3.9-21. No patch is available...
8.8CVSS
8.9AI Score
CVE-2016-2568 affecting package polkit 0.119-3
CVE-2016-2568 affecting package polkit 0.119-3. No patch is available...
7.8CVSS
7.9AI Score
CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0
CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0. A patched version of the package is...
5.5CVSS
6AI Score
CVE-2016-3709 affecting package libxml2 2.9.14-3
CVE-2016-3709 affecting package libxml2 2.9.14-3. This CVE either no longer is or was never...
6.1CVSS
9.2AI Score
CVE-2016-2568 affecting package polkit 0.116-7
CVE-2016-2568 affecting package polkit 0.116-7. No patch is available...
7.8CVSS
7.5AI Score
CVE-2010-4226 affecting package cpio 2.13-3
CVE-2010-4226 affecting package cpio 2.13-3. This CVE either no longer is or was never...
7.5AI Score
CVE-2007-4559 affecting package python3 3.7.16-1
CVE-2007-4559 affecting package python3 3.7.16-1. No patch is available...
8.1AI Score
CVE-2010-4756 affecting package glibc 2.28-24
CVE-2010-4756 affecting package glibc 2.28-24. This CVE either no longer is or was never...
7.5AI Score
asia.si.edu Cross Site Scripting vulnerability OBB-3934275
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
frewen.ca Cross Site Scripting vulnerability OBB-3934274
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
parts.harnessmaster.com Cross Site Scripting vulnerability OBB-3934273
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
itech-soft.com Cross Site Scripting vulnerability OBB-3934272
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
bookmarkja.com Cross Site Scripting vulnerability OBB-3934271
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
app.globalyouthleadersforum.org Cross Site Scripting vulnerability OBB-3934270
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
tribuna.ro Cross Site Scripting vulnerability OBB-3934269
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
convio.co.uk Cross Site Scripting vulnerability OBB-3934268
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
panierbasket.fr Cross Site Scripting vulnerability OBB-3934266
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
cioccari.com.br Cross Site Scripting vulnerability OBB-3934252
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
mondialisations.org Cross Site Scripting vulnerability OBB-3934247
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
activ.org.in Cross Site Scripting vulnerability OBB-3934238
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
srpublicschool.edu.in Cross Site Scripting vulnerability OBB-3934236
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...