mantlestates.com Cross Site Scripting vulnerability OBB-3934750
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bioracer.com Cross Site Scripting vulnerability OBB-3934749
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Patch Tuesday, June 2024 “Recall” Edition
Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch Tuesday this month for Windows users. The software giant also responded to a torrent of negative feedback on a new feature of Redmond's flagship operating system.....
9.8CVSS
7.9AI Score
EPSS
kenkai.com Cross Site Scripting vulnerability OBB-3934748
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Securing Online Business Transactions: Essential Tools and Practices
Enhance your online transaction security with encryption, VPNs, and authentication. Understand threats, address vulnerabilities, and use secure payment gateways. Stay compliant with PCI DSS and regulatory standards to protect your business and build customer...
7.4AI Score
Exploit for Deserialization of Untrusted Data in Clear Clearml
8.8CVSS
9AI Score
0.001EPSS
Creating Secure CRM Pipelines in Construction: Best Practices and Essential Strategies
Secure your construction company's CRM pipeline to protect client data and streamline operations. A specialized CRM enhances communication, reduces errors, and supports scalable growth with advanced security features and automation...
7.3AI Score
Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting (XSS) issue. The /proxy endpoint accepts a host path...
9.6CVSS
EPSS
Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting (XSS) issue. The /proxy endpoint accepts a host path...
9.6CVSS
8.4AI Score
EPSS
serviceuptime.com Cross Site Scripting vulnerability OBB-3934744
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20
CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20. No patch is available...
6.8AI Score
0.0004EPSS
CVE-2012-2653 affecting package arpwatch 2.1a15-51
CVE-2012-2653 affecting package arpwatch 2.1a15-51. No patch is available...
9.5AI Score
0.011EPSS
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5
CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...
7.5CVSS
7AI Score
0.001EPSS
CVE-2016-2124 affecting package samba 4.12.5-6
CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...
5.9CVSS
6.8AI Score
0.002EPSS
CVE-2016-4912 affecting package openslp 2.0.0-26
CVE-2016-4912 affecting package openslp 2.0.0-26. No patch is available...
7.5CVSS
7.7AI Score
0.002EPSS
CVE-2016-1000104 affecting package mod_fcgid 2.3.9-21
CVE-2016-1000104 affecting package mod_fcgid 2.3.9-21. No patch is available...
8.8CVSS
8.9AI Score
0.008EPSS
CVE-2016-2568 affecting package polkit 0.119-3
CVE-2016-2568 affecting package polkit 0.119-3. No patch is available...
7.8CVSS
7.9AI Score
0.0004EPSS
CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0
CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0. A patched version of the package is...
5.5CVSS
6AI Score
0.001EPSS
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
CVE-2022-3857 affecting package syslinux 6.04-10
CVE-2022-3857 affecting package syslinux 6.04-10. No patch is available...
5.5CVSS
5.5AI Score
0.001EPSS
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is...
7.5CVSS
7.8AI Score
0.732EPSS
CVE-2022-43552 affecting package cmake 3.21.4-10
CVE-2022-43552 affecting package cmake 3.21.4-10. No patch is available...
5.9CVSS
8AI Score
0.001EPSS
CVE-2023-23916 affecting package cmake 3.21.4-10
CVE-2023-23916 affecting package cmake 3.21.4-10. No patch is available...
6.5CVSS
8.3AI Score
0.001EPSS
CVE-2023-23915 affecting package cmake 3.21.4-10
CVE-2023-23915 affecting package cmake 3.21.4-10. No patch is available...
6.5CVSS
8AI Score
0.001EPSS
CVE-2016-3709 affecting package libxml2 2.9.14-3
CVE-2016-3709 affecting package libxml2 2.9.14-3. This CVE either no longer is or was never...
6.1CVSS
9.2AI Score
0.001EPSS
CVE-2016-2568 affecting package polkit 0.116-7
CVE-2016-2568 affecting package polkit 0.116-7. No patch is available...
7.8CVSS
7.5AI Score
0.0004EPSS
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
brainmedia.com Cross Site Scripting vulnerability OBB-3934743
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
New cups packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-2.4.9-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: When starting the cupsd server with a...
4.4CVSS
7.3AI Score
EPSS
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.12.0esr-i686-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For...
7AI Score
EPSS
TellYouThePass Ransomware Exploits Critical PHP Flaw, Patch NOW
Urgent alert for PHP users: Update your server immediately to protect against the newly exploited CVE-2024-4577 by...
9.8CVSS
7AI Score
0.249EPSS
CVE-2024-35225 Jupyter Server Proxy has a reflected XSS issue in host parameter
Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting (XSS) issue. The /proxy endpoint accepts a host path...
9.6CVSS
EPSS
The Futurio Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘header_size’ attribute within the Advanced Text Block widget in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated....
6.4CVSS
5.7AI Score
EPSS
The Futurio Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘header_size’ attribute within the Advanced Text Block widget in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated....
6.4CVSS
EPSS
The Events Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Basic Slider, Upcoming Events, and Schedule widgets in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This...
6.4CVSS
5.7AI Score
EPSS
The Events Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Basic Slider, Upcoming Events, and Schedule widgets in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This...
6.4CVSS
EPSS
Jupyter Server Proxy has a reflected XSS issue in host parameter
Impact There is a reflected cross-site scripting (XSS) issue in jupyter-server-proxy[1]. The /proxy endpoint accepts a host path segment in the format /proxy/<host>. When this endpoint is called with an invalid host value, jupyter-server-proxy replies with a response that includes the value o...
9.6CVSS
5.8AI Score
EPSS
CVE-2024-29018 vulnerabilities
Vulnerabilities for packages: conftest, loki, wolfictl, datadog-agent, crossplane, kaniko, syft, cadvisor, goreleaser, docker-compose, buildkitd, aactl, melange, buf, tkn, kargo, prometheus, dagger, ko, grype, trivy, kubescape, zot, telegraf, ctop, spire-server,...
5.9CVSS
5.9AI Score
0.0004EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: doppler-kubernetes-operator, envoy-ratelimit, nodetaint, kots, kubernetes-csi-external-attacher, cilium-cli, kubeadm-bootstrap-controller, kubernetes-csi-livenessprobe, timestamp-authority, kubernetes-csi-external-snapshotter, haproxy-ingress,...
7.5AI Score
GHSA-MRWW-27VC-GGHV vulnerabilities
Vulnerabilities for packages: vault, kine, caddy, keda, kots, kube-bench, temporal-server, amass, k3s, spicedb, telegraf, src, trillian, step-ca, argo-workflows,...
7.5AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: envoy-ratelimit, nodetaint, kots, kubernetes-csi-external-attacher, kubernetes-csi-livenessprobe, haproxy-ingress, tctl, scorecard, gitlab-runner, aactl, bom, wireguard-go, nri-prometheus, kyverno, mc, terraform, prometheus, cert-manager, skaffold, thanos, kpt,...
7.5CVSS
9AI Score
0.732EPSS
GHSA-95PR-FXF5-86GV vulnerabilities
Vulnerabilities for packages: wolfictl, goreleaser, aactl, melange, apko, flux-source-controller, gitsign, tkn, slsa-verifier, skaffold, falcoctl, ko, falco, vexctl, policy-controller, neuvector-sigstore-interface, kubescape, zot, tekton-chains, zarf,...
7.5AI Score
GHSA-2C7C-3MJ9-8FQH vulnerabilities
Vulnerabilities for packages: cloudflared, kots, dex, sops, flux-kustomize-controller, cosign, tekton-pipelines, aactl, flux-source-controller, gitsign, cilium-envoy, vault, keda, kyverno, oauth2-proxy, external-secrets-operator, tkn, rekor, slsa-verifier, fulcio, traefik, argo-workflows,...
7.5AI Score
GHSA-JQ35-85CJ-FJ4P vulnerabilities
Vulnerabilities for packages: loki, k3d, scorecard, goreleaser, tekton-pipelines, aactl, bom, k3s, slsa-verifier, prometheus, cert-manager, skaffold, falco, chartmuseum, kpt, kubescape, tekton-chains, ctop, paranoia,...
7.5AI Score
GHSA-MQ39-4GV4-MVPX vulnerabilities
Vulnerabilities for packages: conftest, loki, wolfictl, datadog-agent, crossplane, kaniko, syft, cadvisor, goreleaser, docker-compose, buildkitd, aactl, melange, buf, tkn, kargo, prometheus, dagger, ko, grype, trivy, kubescape, zot, telegraf, ctop, spire-server,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: doppler-kubernetes-operator, envoy-ratelimit, nodetaint, kubernetes-csi-external-attacher, kubeadm-bootstrap-controller, kubernetes-csi-livenessprobe, kubernetes-csi-external-snapshotter, haproxy-ingress, go-licenses, secrets-store-csi-driver-provider-azure, tctl,...
7.8AI Score
0.0004EPSS
CVE-2024-27304 vulnerabilities
Vulnerabilities for packages: vault, kine, caddy, keda, kots, kube-bench, temporal-server, amass, k3s, spicedb, telegraf, src, trillian, step-ca, argo-workflows,...
9.8CVSS
9.7AI Score
0.0004EPSS
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: flux-notification-controller, pulumi-kubernetes-operator, melange, argo-workflows,...
7.5CVSS
7.7AI Score
0.0005EPSS
Vulnerabilities for packages: aws-ebs-csi-driver, nodetaint, spark-operator, cluster-autoscaler, kubernetes-dns-node-cache, node-feature-discovery, kubernetes-csi-driver-hostpath, calico, local-static-provisioner, ip-masq-agent,...
2.7CVSS
4.3AI Score
0.0004EPSS