Microsoft Windows 7, Windows Server 2008 And R2, Windows 8.1 And Windows RT 8.1, Windows Server 2012 And R2, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016 Security Vulnerabilities

GHSA-3RQ5-2G8H-59HC vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...

GHSA-44WM-F244-XHP3 vulnerabilities

Vulnerabilities for packages: py3-pillow, kubeflow-pipelines-visualization-server,...

GHSA-PWR2-4V36-6QPR vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server,...

CVE-2023-4863 vulnerabilities

Vulnerabilities for packages:...

GHSA-V86X-5FM3-5P7J vulnerabilities

Vulnerabilities for packages: loki, prometheus-alertmanager,...

GHSA-V7WG-CPWC-24M4 vulnerabilities

Vulnerabilities for packages:...

GHSA-9V7R-X7CV-V437 vulnerabilities

Vulnerabilities for packages:...

CVE-2023-45857 vulnerabilities

Vulnerabilities for packages:...

GHSA-C429-5P7V-VGJP vulnerabilities

Vulnerabilities for packages:...

GHSA-WF5P-G6VW-RHXX vulnerabilities

Vulnerabilities for packages:...

GHSA-77F3-6546-6RJ7 vulnerabilities

Vulnerabilities for packages:...

GHSA-HPQG-7FJP-436P vulnerabilities

Vulnerabilities for packages:...

GHSA-RCJ8-JX65-7C4R vulnerabilities

Vulnerabilities for packages:...

CVE-2024-0409 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-0229 vulnerabilities

Vulnerabilities for packages:...

GHSA-2X93-8973-5MGQ vulnerabilities

Vulnerabilities for packages:...

CVE-2024-31083 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: skaffold, eksctl, clusterctl, secrets-store-csi-driver-provider-gcp, kpt, q, cri-tools, logstash-exporter, terraform-docs, kaf, ferretdb, kubernetes-dashboard, mage, sonobuoy, vault-k8s, istio-operator, capslock, wait-for-port, flux-source-controller, http-echo,...

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: skaffold, eksctl, skopeo, goreleaser, trivy, kubeflow-katib, cri-tools, scorecard, crane, cosign, dagger, guac, k3s, aactl, kubevela, zot, up, docker-credential-gcr, flux-image-reflector-controller, gitlab-runner, kots, policy-controller, tekton-chains, telegraf,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: skaffold, eksctl, nri-couchbase, clusterctl, nri-mssql, secrets-store-csi-driver-provider-gcp, kpt, task, q, cri-tools, logstash-exporter, terraform-docs, thanos-operator, kaf, ferretdb, k3s, kubernetes-dashboard, mage, prometheus-mongodb-exporter, sonobuoy, capslock,....

CVE-2018-10237 vulnerabilities

Vulnerabilities for packages:...

CVE-2020-8908 vulnerabilities

Vulnerabilities for packages: trino, maven, gradle,...

CVE-2022-42003 vulnerabilities

Vulnerabilities for packages:...

CVE-2022-46337 vulnerabilities

Vulnerabilities for packages: logstash-integration-jdbc,...

CVE-2023-33202 vulnerabilities

Vulnerabilities for packages: gradle,...

CVE-2023-52428 vulnerabilities

Vulnerabilities for packages: dependency-track,...

CVE-2024-29133 vulnerabilities

Vulnerabilities for packages: trino, cassandra-reaper,...

CVE-2024-30171 vulnerabilities

Vulnerabilities for packages: gradle, jenkins,...

GHSA-288C-CQ4H-88GQ vulnerabilities

Vulnerabilities for packages:...

GHSA-3X8X-79M2-3W2W vulnerabilities

Vulnerabilities for packages:...

GHSA-6QVW-249J-H44C vulnerabilities

Vulnerabilities for packages:...

GHSA-7G45-4RM6-3MM3 vulnerabilities

Vulnerabilities for packages: trino, maven, gradle,...

GHSA-FX2C-96VJ-985V vulnerabilities

Vulnerabilities for packages:...

GHSA-H4H5-3HR4-J3G2 vulnerabilities

Vulnerabilities for packages: trino, dotty,...

GHSA-MM8H-8587-P46H vulnerabilities

Vulnerabilities for packages:...

GHSA-WJXJ-5M7G-MG7Q vulnerabilities

Vulnerabilities for packages: gradle,...

CVE-2023-49568 vulnerabilities

Vulnerabilities for packages: goreleaser, scorecard, go-licenses, kubevela, argo-cd, gitness, zot, kots, gomplate, bom, src-fingerprint, apko, gitsign, nuclei, tekton-pipelines, pulumi-kubernetes-operator, pulumi, flux-kustomize-controller, pulumi-language-java, pulumi-language-yaml,...

GHSA-J225-CVW7-QRX7 vulnerabilities

Vulnerabilities for packages:...

CVE-2024-5150 Login with phone number <= 1.7.26 - Authentication Bypass due to Missing Empty Value Check

The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value is empty, and the not empty check is missing in the 'lwp_ajax_register' function. This makes it possible for...

CVE-2024-5204 Swiss Toolkit For WP <= 1.0.7 - Authenticated (Contributor+) Authentication Bypass

The Swiss Toolkit For WP plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.7. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for authenticated attackers with contributor-level and...

engelke-elektro.de Cross Site Scripting vulnerability OBB-3931425

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

K000139810: Oracle Java vulnerability CVE-2024-20919

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK:.....

JVN#22182715: Redmine DMSF Plugin vulnerable to path traversal

Redmine DMSF Plugin provided by Kontron contains a path traversal vulnerability (CWE-22). ## Impact When the affected version of the plugin is enabled on the Redmine instance, the logged-in user may obtain or delete arbitrary files on the server (within the privilege of the Redmine process). ##...

dailylivenews.in Cross Site Scripting vulnerability OBB-3931420

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

parakme.de Cross Site Scripting vulnerability OBB-3931419

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5437 SourceCodester Simple Online Bidding System save_category cross site scripting

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as problematic. Affected is the function save_category of the file /admin/index.php?page=categories. The manipulation of the argument name leads to cross site scripting. It is possible to launch...

eirene.de Cross Site Scripting vulnerability OBB-3931416

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-36472

In GNOME Shell through 45.7, a portal helper can be launched automatic...

CVE-2024-3657

A flaw was found in 389-ds-base. A specially-crafted LDAP query can po...

dev.biozidauswaschung.de Cross Site Scripting vulnerability OBB-3931415

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...