endeavorhall.org Cross Site Scripting vulnerability OBB-3939524
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
drawtite-hitches.com Cross Site Scripting vulnerability OBB-3939520
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
culina.com.sg Cross Site Scripting vulnerability OBB-3939518
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
craterenews.it Cross Site Scripting vulnerability OBB-3939517
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
cca-global.com Cross Site Scripting vulnerability OBB-3939516
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
birdtalker.net Cross Site Scripting vulnerability OBB-3939515
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
almadar.co.il Cross Site Scripting vulnerability OBB-3939513
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
alabamaschoolboards.org Cross Site Scripting vulnerability OBB-3939512
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
santo.cancaonova.com Cross Site Scripting vulnerability OBB-3939509
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
searchfilters.cadth.ca Cross Site Scripting vulnerability OBB-3939510
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
mazsola.iit.uni-miskolc.hu Cross Site Scripting vulnerability OBB-3939507
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
demography.hedgeye.com Cross Site Scripting vulnerability OBB-3939504
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dobrezakupy.ekonsument.pl Cross Site Scripting vulnerability OBB-3939505
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
afdb.africa-newsroom.com Cross Site Scripting vulnerability OBB-3939503
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bartlettltd.co.uk Cross Site Scripting vulnerability OBB-3939500
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Fedora 39 : freeipa (2024-1d1b485611)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1d1b485611 advisory. Fix CVE-2024-2698 and CVE-2024-3183 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
8.1CVSS
7.8AI Score
0.0005EPSS
Debian dla-3849 : emacs - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3849 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3849-1 [email protected] ...
7.1AI Score
0.0004EPSS
Fedora 39 : kitty (2024-c7b79bc227)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c7b79bc227 advisory. rebuild for rhbz#2292712 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
7.4AI Score
GLSA-202406-06 : GStreamer, GStreamer Plugins: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202406-06 (GStreamer, GStreamer Plugins: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in GStreamer, GStreamer Plugins. Please review the CVE identifiers referenced below for details. Tenable has...
8.8CVSS
7.8AI Score
0.0005EPSS
SUSE SLES15 Security Update : frr (SUSE-SU-2024:2245-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2245-1 advisory. - CVE-2023-38406: Fixed nlri length of zero mishandling, aka 'flowspec overflow'. (bsc#1216900) - CVE-2023-47235: Fixed a crash on.....
9.8CVSS
7.9AI Score
0.001EPSS
FreeBSD : frr - Multiple vulnerabilities (07f0ea8c-356a-11ef-ac6d-a0423f48a938)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 07f0ea8c-356a-11ef-ac6d-a0423f48a938 advisory. [email protected] reports: In FRRouting (FRR) through 9.1, there are multiples vulnerabilities. ...
7.6AI Score
0.0004EPSS
FreeBSD : electron29 -- multiple vulnerabilities (0e73964d-053a-481a-bf1c-202948d68484)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0e73964d-053a-481a-bf1c-202948d68484 advisory. Electron developers report: This update fixes the following vulnerabilities: Tenable has...
8.8CVSS
7.6AI Score
0.001EPSS
Debian dla-3848 : elpa-org - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3848 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3848-1 [email protected] ...
7.1AI Score
0.0004EPSS
dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...
7.5CVSS
7.5AI Score
0.0004EPSS
dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...
7.5CVSS
0.0004EPSS
CVE-2024-38525 dd-trace-cpp malformed unicode header values may cause crash
dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...
7.5CVSS
0.0004EPSS
Summary A server-side request forgery (SSRF) vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details ** CVEID: CVE-2023-50952 DESCRIPTION: **IBM InfoSphere Information Server is vulnerable to server-side request forgery (SSRF). This may allow an authenticated...
5.4CVSS
6.3AI Score
0.0004EPSS
Metasploit Weekly Wrap-Up 06/28/2024
Unauthenticated Command Injection in Netis Router This week's Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password...
9.8CVSS
9AI Score
0.005EPSS
televizori.ba Cross Site Scripting vulnerability OBB-3939488
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
artgalleryfabrics.com Cross Site Scripting vulnerability OBB-3939486
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: ...
6.5CVSS
0.0004EPSS
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: ...
6.5CVSS
6.3AI Score
0.0004EPSS
USN-6851-1 fixed vulnerabilities in Netplan. The update lead to the discovery of a regression in netplan which caused systemctl enable to fail on systems where systemd is not running. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andreas Hasenack...
8.2AI Score
Summary Vulnerabilities in Curl could allow a remote attacker to bypass security restrictions (CVE-2024-2466, CVE-2024-2004, CVE-2024-2379) or cause a denial of service (CVE-2024-2398). PowerSC uses Curl as part of PowerSC Trusted Network Connect (TNC). Vulnerability Details ** CVEID:...
7.5AI Score
0.0004EPSS
worldtranscargo.com Cross Site Scripting vulnerability OBB-3939485
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-25031 IBM Storage Defender information disclosure
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: ...
6.5CVSS
0.0004EPSS
Exploit for SQL Injection in Progress Moveit Cloud
CVE-2023-34362: MOVEit Transfer Unauthenticated RCE For a...
9.8CVSS
7.3AI Score
0.969EPSS
Exploit for SQL Injection in Progress Moveit Cloud
CVE-2023-34362: MOVEit Transfer Unauthenticated RCE For a...
9.8CVSS
9.8AI Score
0.969EPSS
ecnp.eu Cross Site Scripting vulnerability OBB-3939483
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation in...
8.8CVSS
7.2AI Score
0.001EPSS
app.lotterease.com Cross Site Scripting vulnerability OBB-3939482
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bridalpartytees.com Cross Site Scripting vulnerability OBB-3939481
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
tgpecatsib.tatamotors.com Cross Site Scripting vulnerability OBB-3939480
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletin(s).....
8.8CVSS
8.6AI Score
0.0004EPSS
hanson.ad Cross Site Scripting vulnerability OBB-3939478
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
cecytab.edu.mx Cross Site Scripting vulnerability OBB-3939477
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
gratisspil.dk Cross Site Scripting vulnerability OBB-3939476
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
fysikoaerioellados.gr Cross Site Scripting vulnerability OBB-3939475
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
lasalina.es Cross Site Scripting vulnerability OBB-3939474
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CometBFT is unstability during blocksync when syncing from malicious peer
Name: ASA-2024-008: Instability during blocksync when syncing from malicious peer Component: CometBFT Criticality: Medium (ACMv1: I:Moderate; L: Possible) Affected versions: < v0.38.7 Summary An issue was identified for nodes syncing on an existing network during blocksync in which a malicious.....
6.7AI Score