Lucene search

K

Royal Elementor Addons (Elementor Templates, Post Grid, Mega Menu & Header Footer Builder, WooCommerce Builder, Product Grid, Slider, Parallax Image & Other Free Elementor Widgets) Security Vulnerabilities

cvelist
cvelist

CVE-2024-6292

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

0.0004EPSS

2024-06-24 09:46 PM
8
cvelist
cvelist

CVE-2024-6291

Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

0.0004EPSS

2024-06-24 09:46 PM
5
cvelist
cvelist

CVE-2024-6290

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...

0.0004EPSS

2024-06-24 09:46 PM
7
openbugbounty
openbugbounty

flexbox.at Cross Site Scripting vulnerability OBB-3938480

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 09:45 PM
3
openbugbounty
openbugbounty

clintlukensrealty.com Cross Site Scripting vulnerability OBB-3938479

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 09:11 PM
5
openbugbounty
openbugbounty

mrpoc.net Cross Site Scripting vulnerability OBB-3938478

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 09:04 PM
4
openbugbounty
openbugbounty

bluearcher.com Cross Site Scripting vulnerability OBB-3938477

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 09:01 PM
5
openbugbounty
openbugbounty

refurbpro.com Cross Site Scripting vulnerability OBB-3938476

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 08:51 PM
4
openbugbounty
openbugbounty

borrellassociates.com Cross Site Scripting vulnerability OBB-3938475

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 08:46 PM
4
openbugbounty
openbugbounty

uoanbar.edu.iq Cross Site Scripting vulnerability OBB-3938474

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 07:17 PM
5
openbugbounty
openbugbounty

bioindustry.org Cross Site Scripting vulnerability OBB-3938467

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 06:06 PM
4
openbugbounty
openbugbounty

support.realtech.com Cross Site Scripting vulnerability OBB-3938464

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 05:35 PM
4
malwarebytes
malwarebytes

Change Healthcare confirms the customer data stolen in ransomware attack

For the first time since news broke about a ransomware attack on Change Healthcare, the company has released details about the data stolen during the attack. First, a quick refresher: On February 21, 2024, Change Healthcare experienced serious system outages due to a cyberattack. The incident led.....

7.4AI Score

2024-06-24 04:42 PM
2
githubexploit
githubexploit

Exploit for CVE-2024-5806

CVE-2024-5806 Exploit for Progress MOVEit Transfer...

9.1CVSS

7AI Score

EPSS

2024-06-24 04:28 PM
26
openbugbounty
openbugbounty

jkpanchayat.jk.gov.in Cross Site Scripting vulnerability OBB-3938462

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 04:19 PM
6
osv
osv

CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`

Summary ZIP files uploaded to the server-side endpoint handling a CodeChecker store are not properly sanitized. An attacker can exercise a path traversal to make the CodeChecker server load and display files from an arbitrary location on the server machine. Details Target The vulnerable endpoint...

6.5CVSS

6.7AI Score

0.0004EPSS

2024-06-24 04:18 PM
2
github
github

CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`

Summary ZIP files uploaded to the server-side endpoint handling a CodeChecker store are not properly sanitized. An attacker can exercise a path traversal to make the CodeChecker server load and display files from an arbitrary location on the server machine. Details Target The vulnerable endpoint...

6.5CVSS

6.7AI Score

0.0004EPSS

2024-06-24 04:18 PM
3
ibm
ibm

Security Bulletin: A vulnerability in Node.js affects IBM Rational® Application Developer for WebSphere® Software (CVE-2024-27980)

Summary Node.js is used as runtime and SDK for Apache Cordova applications within IBM Rational® Application Developer for WebSphere® Software. Information about security vulnerabilities affecting Node.js has been published in a security bulletin. Vulnerability Details Refer to the security...

7AI Score

EPSS

2024-06-24 04:16 PM
cve
cve

CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-06-24 04:15 PM
7
osv
osv

CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite...

7.5CVSS

7.7AI Score

0.0004EPSS

2024-06-24 04:15 PM
nvd
nvd

CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite...

7.5CVSS

0.0004EPSS

2024-06-24 04:15 PM
6
cve
cve

CVE-2024-6285

Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-06-24 04:15 PM
8
osv
osv

CVE-2024-6285

Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed...

7.5CVSS

7.1AI Score

0.0004EPSS

2024-06-24 04:15 PM
nvd
nvd

CVE-2024-6285

Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed...

7.5CVSS

0.0004EPSS

2024-06-24 04:15 PM
4
openbugbounty
openbugbounty

ucly.fr Cross Site Scripting vulnerability OBB-3938461

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 04:07 PM
8
openbugbounty
openbugbounty

esdes.fr Cross Site Scripting vulnerability OBB-3938460

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 04:04 PM
6
openbugbounty
openbugbounty

axent.com.au Cross Site Scripting vulnerability OBB-3938459

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 03:51 PM
5
ibm
ibm

Security Bulletin: Updating IBM WebSphere Liberty Profile in Identity Insight for security update

Summary Identity Insight customers are advised to update IBM WebSphere Liberty Profile (WLP) to version 24.0.0.6 for security update in WLP. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section Affected Products and Versions Affected Product(s) |...

9.8CVSS

7.3AI Score

0.001EPSS

2024-06-24 03:45 PM
9
cvelist
cvelist

CVE-2024-6287 Incorrect Address Range Calculations

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image the code neglects to consider a few cases. that could An attacker to bypass memory range restriction and overwrite...

7.5CVSS

0.0004EPSS

2024-06-24 03:37 PM
6
openbugbounty
openbugbounty

ductmann.co.uk Cross Site Scripting vulnerability OBB-3938458

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 03:35 PM
4
cvelist
cvelist

CVE-2024-6285 Integer Underflow in Memory Range Check in Renesas RCAR

Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed...

7.5CVSS

0.0004EPSS

2024-06-24 03:32 PM
5
vulnrichment
vulnrichment

CVE-2024-6285 Integer Underflow in Memory Range Check in Renesas RCAR

Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed...

7.5CVSS

6.9AI Score

0.0004EPSS

2024-06-24 03:32 PM
1
wordfence
wordfence

Supply Chain Attack on WordPress.org Plugins Leads to 5 Maliciously Compromised WordPress Plugins

On Monday June 24th, 2024 the Wordfence Threat Intelligence team became aware of a plugin, Social Warfare, that was injected with malicious code on June 22, 2024 based on a forum post by the WordPress.org Plugin Review team. We immediately checked the malicious file and uploaded it to our internal....

7.1AI Score

2024-06-24 03:21 PM
3
openbugbounty
openbugbounty

viskefi.com Cross Site Scripting vulnerability OBB-3938457

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 03:20 PM
3
openbugbounty
openbugbounty

knsolutionedu.com Cross Site Scripting vulnerability OBB-3938456

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 03:18 PM
nvd
nvd

CVE-2024-33687

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...

0.0004EPSS

2024-06-24 03:15 PM
1
cve
cve

CVE-2024-33687

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...

6.4AI Score

0.0004EPSS

2024-06-24 03:15 PM
6
openbugbounty
openbugbounty

miraclus.com Cross Site Scripting vulnerability OBB-3938455

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 03:12 PM
3
aix
aix

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Mon Jun 24 15:10:30 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/java_jun2024_advisory.asc Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX...

5.9CVSS

4.6AI Score

0.0004EPSS

2024-06-24 03:10 PM
1
cvelist
cvelist

CVE-2024-33687

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...

0.0004EPSS

2024-06-24 03:03 PM
2
vulnrichment
vulnrichment

CVE-2024-33687

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...

6.7AI Score

0.0004EPSS

2024-06-24 03:03 PM
thn
thn

Google Introduces Project Naptime for AI-Powered Vulnerability Research

Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. "The Naptime architecture is centered around the interaction between an AI agent and a target...

8.3AI Score

2024-06-24 03:03 PM
18
openbugbounty
openbugbounty

basoindia.org Cross Site Scripting vulnerability OBB-3938451

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 02:55 PM
githubexploit
githubexploit

Exploit for CVE-2024-29868

CVE-2024-29868: Use of Cryptographically Weak PRNG in...

7.2AI Score

0.0004EPSS

2024-06-24 02:53 PM
20
openbugbounty
openbugbounty

bbmdr.it Cross Site Scripting vulnerability OBB-3938449

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 02:46 PM
3
openbugbounty
openbugbounty

ediliziapubblicapratese.it Cross Site Scripting vulnerability OBB-3938448

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 02:44 PM
3
openbugbounty
openbugbounty

montealato.it Cross Site Scripting vulnerability OBB-3938447

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-24 02:39 PM
3
ibm
ibm

Security Bulletin: Vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2024-37532)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about an identity spoofing vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

8.8CVSS

6.5AI Score

0.0004EPSS

2024-06-24 02:21 PM
1
ibm
ibm

Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Standard

Summary Security vulnerabilities may affect IBM WebSphere Liberty shipped with IBM CICS TX Standard. IBM CICS TX Standard has addressed the applicable issue. Vulnerability Details ** CVEID: CVE-2024-22353 DESCRIPTION: **IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-06-24 02:15 PM
1
cve
cve

CVE-2024-4748

The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server. The exploitation risk is limited since CRUDDIY is meant to be launched locally. Nevertheless, a user with the project running on their computer might visit a website which...

8.8CVSS

8.9AI Score

0.0004EPSS

2024-06-24 02:15 PM
11
Total number of security vulnerabilities1799689