best.itour.ru Cross Site Scripting vulnerability OBB-3931382
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
heimatverein-fechenheim.de Cross Site Scripting vulnerability OBB-3931381
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
itour.ru Cross Site Scripting vulnerability OBB-3931380
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
obnovlenie.ru Cross Site Scripting vulnerability OBB-3931379
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
церебро.рф Cross Site Scripting vulnerability OBB-3931378
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
oauthv2.gbooking.ru Cross Site Scripting vulnerability OBB-3931377
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dropmefiles.com Cross Site Scripting vulnerability OBB-3931376
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
comnews-conferences.ru Cross Site Scripting vulnerability OBB-3931375
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
for-gun.ru Cross Site Scripting vulnerability OBB-3931374
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
altius.ru Cross Site Scripting vulnerability OBB-3931371
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
wilda.ru Cross Site Scripting vulnerability OBB-3931372
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
contentatscale.ai Cross Site Scripting vulnerability OBB-3931369
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
headmatch.de Cross Site Scripting vulnerability OBB-3931367
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
vetandlife.ru Cross Site Scripting vulnerability OBB-3931368
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Citrix Workspace app for Mac Security Bulletin for CVE-2024-5027
A vulnerability has been discovered in Citrix Workspace app for Mac, which, if exploited, may result in elevation of privilege from a local authenticated user to a root user. Affected Versions: The following supported versions of Citrix Workspace app for Mac are affected by the vulnerability: ...
6.5AI Score
CVE-2023-37411 IBM Aspera Faspex cross-site scripting
IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...
6.1AI Score
ttdonw.cat Cross Site Scripting vulnerability OBB-3931366
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying userPassword using malformed input. Mitigation Mitigation for this issue is either not available or the currently available options don't meet.....
6.4AI Score
Fake Antivirus Sites Spread Malware Disguised as Avast, Malwarebytes, Bitdefender
By Deeba Ahmed Trellix research exposes the dangers of fake antivirus websites disguised as legitimate security software but harbouring malware. Learn… This is a post from HackRead.com Read the original post: Fake Antivirus Sites Spread Malware Disguised as Avast, Malwarebytes,...
7.4AI Score
CVE-2024-28793 IBM Engineering Workflow Management cross-site scripting
IBM Engineering Workflow Management 7.0.2 and 7.0.3 is vulnerable to stored cross-site scripting. Under certain configurations, this vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
5.8AI Score
How Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto Wallet
Thanks to a flaw in a decade-old version of the RoboForm password manager and a bit of luck, researchers were able to unearth the password to a crypto wallet containing a...
7.4AI Score
(RHSA-2024:3385) Moderate: Red Hat JBoss EAP 7.4.14 XP 4.0.2.GA security release
This asynchronous patch is a security update zip for the JBoss EAP XP 4.0.2 runtime distribution for use with EAP 7.4.14. Security Fix(es): jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049) jetty-server: OutOfMemoryError for large multipart...
7.1AI Score
0.002EPSS
Lattice-Based Cryptosystems and Quantum Cryptanalysis
Quantum computers are probably coming, though we don't know when--and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms. In anticipation of this possibility, cryptographers have been working on quantum-resistant public-key algorithms. The...
7.2AI Score
In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function....
6.9AI Score
0.0004EPSS
What is an Infosec Audit and Why Does Your Company Need One?
By Uzair Amir Uncover IT security weaknesses and ensure compliance with infosec audits. Regular audits protect your data from breaches &… This is a post from HackRead.com Read the original post: What is an Infosec Audit and Why Does Your Company Need...
7.4AI Score
CVE-2024-5411 Command Injection
Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and...
7.2AI Score
CVE-2024-5410 Stored Cross-Site Scripting
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and...
6.4AI Score
Trusted relationship attacks: trust, but verify
IT outsourcing market continues to demonstrate strong growth globally – such services are becoming increasingly popular. But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. By providing third-party...
7.8AI Score
Mattermost is vulnerable to Improper Access Control. The vulnerability is due to a failure to perform proper access control, allowing a guest to retrieve metadata of a public playbook run linked to a channel they have guest access to via the RHSRuns GraphQL...
6.8AI Score
Cops Are Just Trolling Cybercriminals Now
Police are using subtle psychological operations against ransomware gangs to sow distrust in their ranks—and trick them into emerging from the...
7.2AI Score
Exposure Of Sensitive Information To An Unauthorized Actor
Mattermost is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. The vulnerability is due to a lack of proper authorization checks in the /api/v4/groups//channels//link endpoint, allowing users to learn members of an AD/LDAP group linked to a team by adding the group to a...
6.7AI Score
hrbazaar.ru Cross Site Scripting vulnerability OBB-3931357
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
artus.ru Cross Site Scripting vulnerability OBB-3931356
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
12n.ru Cross Site Scripting vulnerability OBB-3931354
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
12news.ru Cross Site Scripting vulnerability OBB-3931355
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
staff-hub.ru Cross Site Scripting vulnerability OBB-3931353
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dsgners.ru Cross Site Scripting vulnerability OBB-3931352
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
kozhindev.com Cross Site Scripting vulnerability OBB-3931351
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
mitula.ru Cross Site Scripting vulnerability OBB-3931350
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
nedvizhimost.mitula.ru Cross Site Scripting vulnerability OBB-3931349
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
sibinetweek.ru Cross Site Scripting vulnerability OBB-3931348
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
double24.ru Cross Site Scripting vulnerability OBB-3931347
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
abc-medicina.com Cross Site Scripting vulnerability OBB-3931346
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
software: busybox 1.36.1 OS: ROSA-CHROME package_evr_string: busybox-1.36.1-3 CVE-ID: CVE-2022-30065 BDU-ID: 2023-02631 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the copyvar function of the BusyBox suite of UNIX command line utilities is related to incorrect processing of a template...
8.1AI Score
0.011EPSS
(RHSA-2024:3369) Important: Errata Advisory for Red Hat OpenShift GitOps v1.10.6 security update
Errata Advisory for Red Hat OpenShift GitOps v1.10.6 Security Fix(es): CVE-2024-31989 argocd: unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. For more details about the security issue(s), including the impact, a CVSS score,...
7.3AI Score
0.037EPSS
(RHSA-2024:3368) Important: Errata Advisory for Red Hat OpenShift GitOps v1.12.3 security update
Errata Advisory for Red Hat OpenShift GitOps v1.12.3 Security Fix(es): CVE-2024-31989 argocd: unprivileged pod in a different namespace on the same cluster could connect to the Redis server. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and...
7.3AI Score
0.037EPSS
Software: libsolv 0.7.11 OS: ROSA Virtualization 2.1 package_evr_string: libsolv-0.7.11 CVE-ID: CVE-2021-44568 BDU-ID: 2023-05482 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the resolve_dependencies function of the libsolv library is related to writing beyond buffer boundaries in memory....
6.8AI Score
0.004EPSS
mocodo is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary SQL commands and potentially command injection, leading to remote code execution (RCE) under certain...
8.5AI Score
vxe-table is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to inadequate sanitization of user-supplied input within the inputValue argument of the export function in the vxe-textarea component. It allows malicious actors to execute arbitrary JavaScript code within the context.....
6.8AI Score
0.0004EPSS
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM memory, thus potentially....
7.8CVSS
7.8AI Score