The WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ttbm_new_place_save' function in all versions up to, and including, 1.7.1. This makes it possible for...
6.9AI Score
CVE-2010-4756 affecting package glibc 2.35-7
CVE-2010-4756 affecting package glibc 2.35-7. This CVE either no longer is or was never...
6.4AI Score
0.008EPSS
CVE-2010-4226 affecting package cpio 2.13-5
CVE-2010-4226 affecting package cpio 2.13-5. This CVE either no longer is or was never...
6.8AI Score
0.003EPSS
CVE-2007-3205 affecting package php 7.4.14-3
CVE-2007-3205 affecting package php 7.4.14-3. This CVE either no longer is or was never...
6.9AI Score
0.065EPSS
CVE-2007-6353 affecting package exiv2 0.28.0-1
CVE-2007-6353 affecting package exiv2 0.28.0-1. No patch is available...
6.4AI Score
0.021EPSS
CVE-2007-1397 affecting package fish 3.6.2-1
CVE-2007-1397 affecting package fish 3.6.2-1. This CVE either no longer is or was never...
6.5AI Score
0.171EPSS
CVE-2007-1397 affecting package fish 3.1.2-4
CVE-2007-1397 affecting package fish 3.1.2-4. This CVE either no longer is or was never...
7.5AI Score
0.171EPSS
CVE-2010-2642 affecting package t1lib 5.1.2-28
CVE-2010-2642 affecting package t1lib 5.1.2-28. No patch is available...
6.6AI Score
0.086EPSS
CVE-2007-3205 affecting package php 8.1.28-1
CVE-2007-3205 affecting package php 8.1.28-1. No patch is available...
6.7AI Score
0.065EPSS
CVE-2010-4226 affecting package cpio 2.13-3
CVE-2010-4226 affecting package cpio 2.13-3. This CVE either no longer is or was never...
7.5AI Score
0.003EPSS
CVE-2007-4559 affecting package python3 3.7.16-1
CVE-2007-4559 affecting package python3 3.7.16-1. No patch is available...
8.1AI Score
0.025EPSS
CVE-2010-4756 affecting package glibc 2.28-24
CVE-2010-4756 affecting package glibc 2.28-24. This CVE either no longer is or was never...
7.5AI Score
0.008EPSS
9.7AI Score
0.002EPSS
7.5AI Score
GHSA-2G68-C3QC-8985 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, kubeflow-jupyter-web-app, py3-werkzeug, superset, kubeflow-volumes-web-app,...
7.5AI Score
GHSA-84PR-M4JR-85G5 vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, py3-flask-cors,...
7.5AI Score
CVE-2024-34069 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, kubeflow-jupyter-web-app, py3-werkzeug, superset, kubeflow-volumes-web-app,...
7.7AI Score
0.0004EPSS
GHSA-H75V-3VVJ-5MFJ vulnerabilities
Vulnerabilities for packages: reflex, kubeflow-jupyter-web-app, kubeflow-pipelines-visualization-server, pytorch, superset, dask-gateway, kubeflow-volumes-web-app,...
7.5AI Score
GHSA-G4MX-Q9VG-27P4 vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, jwt-tool, kubeflow-volumes-web-app, py3-tensorflow-serving-api,...
7.5AI Score
GHSA-JJG7-2V4V-X38H vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, kubeflow-pipelines-visualization-server, py3-cassandra-medusa, dask-gateway, kubeflow-katib, kubeflow-pipelines, az, k8s-sidecar, kubeflow-volumes-web-app, ggshield, py3-idna, confluent-docker-utils,...
7.5AI Score
Vulnerabilities for packages: kubeflow-jupyter-web-app, kubeflow-pipelines-visualization-server, py3-cassandra-medusa, dask-gateway, kubeflow-katib, kubeflow-pipelines, az, k8s-sidecar, kubeflow-volumes-web-app, ggshield, py3-idna, confluent-docker-utils,...
6.5AI Score
CVE-2024-34064 vulnerabilities
Vulnerabilities for packages: reflex, kubeflow-jupyter-web-app, kubeflow-pipelines-visualization-server, pytorch, superset, dask-gateway, kubeflow-volumes-web-app,...
5.6AI Score
0.0004EPSS
CVE-2023-45803 vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, jwt-tool, kubeflow-volumes-web-app, py3-tensorflow-serving-api,...
5.4AI Score
0.0004EPSS
Vulnerabilities for packages: kubeflow-jupyter-web-app, py3-flask-cors,...
5.5AI Score
0.0004EPSS
GHSA-9WX4-H78V-VM56 vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, az, k8s-sidecar, kubeflow-volumes-web-app, confluent-docker-utils,...
7.5AI Score
CVE-2024-35195 vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, az, k8s-sidecar, kubeflow-volumes-web-app, confluent-docker-utils,...
5.8AI Score
0.0004EPSS
GHSA-V845-JXX5-VC9F vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, dask-gateway, kube-downscaler, k8s-sidecar, kubeflow-volumes-web-app,...
7.5AI Score
CVE-2023-43804 vulnerabilities
Vulnerabilities for packages: kubeflow-jupyter-web-app, dask-gateway, kube-downscaler, k8s-sidecar, kubeflow-volumes-web-app,...
8AI Score
0.001EPSS
GHSA-HRFV-MQP8-Q5RW vulnerabilities
Vulnerabilities for packages: py3-tensorflow-serving-api, py3-werkzeug, kubeflow-jupyter-web-app,...
7.5AI Score
CVE-2023-46136 vulnerabilities
Vulnerabilities for packages: py3-tensorflow-serving-api, py3-werkzeug, kubeflow-jupyter-web-app,...
7.7AI Score
0.001EPSS
The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value is empty, and the not empty check is missing in the 'lwp_ajax_register' function. This makes it possible for...
7.2AI Score
CVE-2024-5204 Swiss Toolkit For WP <= 1.0.7 - Authenticated (Contributor+) Authentication Bypass
The Swiss Toolkit For WP plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.7. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for authenticated attackers with contributor-level and...
7.1AI Score
engelke-elektro.de Cross Site Scripting vulnerability OBB-3931425
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
K000139810: Oracle Java vulnerability CVE-2024-20919
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK:.....
5.9AI Score
0.0005EPSS
dailylivenews.in Cross Site Scripting vulnerability OBB-3931420
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
parakme.de Cross Site Scripting vulnerability OBB-3931419
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-5437 SourceCodester Simple Online Bidding System save_category cross site scripting
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as problematic. Affected is the function save_category of the file /admin/index.php?page=categories. The manipulation of the argument name leads to cross site scripting. It is possible to launch...
6.4AI Score
eirene.de Cross Site Scripting vulnerability OBB-3931416
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dev.biozidauswaschung.de Cross Site Scripting vulnerability OBB-3931415
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
silvesterreisen.de Cross Site Scripting vulnerability OBB-3931413
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Nautobot is a Network Source of Truth and Network Automation Platform. A user with permissions to view Dynamic Group records (extras.view_dynamicgroup permission) can use the Dynamic Group detail UI view (/extras/dynamic-groups/<uuid>/) and/or the members REST API view...
7AI Score
webservices.mx Cross Site Scripting vulnerability OBB-3931410
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dashboard.chamtest.tourone.de Cross Site Scripting vulnerability OBB-3931409
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Wiz launches new data center in UAE, supercharging global operations in the region
Organizations in the region can now benefit from Wiz's cloud security platform while maintaining their data sovereignty and privacy...
7.3AI Score
dasbrombeerhaus.de Cross Site Scripting vulnerability OBB-3931408
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dartliga-as.de Cross Site Scripting vulnerability OBB-3931407
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
An issue discovered in 360 V6G, 360 T5G, 360 T6M, and 360 P1 routers allows attackers to hijack TCP sessions which could lead to a denial of...
7AI Score
An issue discovered in routers running Openwrt 18.06, 19.07, 21.02, 22.03 and beyond allows attackers to hijack TCP sessions which could lead to a denial of...
7AI Score
dalui.de Cross Site Scripting vulnerability OBB-3931406
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
SimpleSAMLphp Information Disclosure vulnerability
Background SimpleSAMLphp 1.17 includes a preview of the new user interface to be included in the future version 2.0. This new user interface can be enabled by setting the usenewui configuration option to true, and it includes a new admin interface in a module called admin, which can be disabled....
6.8AI Score