bloxham.co.uk Cross Site Scripting vulnerability OBB-3934972
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
6msportal.com Cross Site Scripting vulnerability OBB-3934971
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
hotelnordic.com Cross Site Scripting vulnerability OBB-3934970
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Elasticsearch StackOverflow vulnerability
A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...
4.9CVSS
6.8AI Score
EPSS
Elasticsearch StackOverflow vulnerability
A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...
4.9CVSS
6.5AI Score
EPSS
hkit.edu.hk Cross Site Scripting vulnerability OBB-3934969
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate...
6.5AI Score
EPSS
Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate...
EPSS
Logs storing credentials are insufficiently protected and can be decoded through the use of open source...
6.6AI Score
EPSS
Logs storing credentials are insufficiently protected and can be decoded through the use of open source...
EPSS
Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary...
7.8CVSS
EPSS
Fuji Electric Tellus Lite V-Simulator is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary...
7.8CVSS
EPSS
Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary...
7.8CVSS
7.7AI Score
EPSS
Fuji Electric Tellus Lite V-Simulator is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary...
7.8CVSS
8AI Score
EPSS
incois.gov.in Cross Site Scripting vulnerability OBB-3934968
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
mtech.am Open Redirect vulnerability OBB-3934967
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
portal.pepsic.bvsalud.org Open Redirect vulnerability OBB-3934965
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
Logs storing credentials are insufficiently protected and can be decoded through the use of open source...
EPSS
realtimerental.com Cross Site Scripting vulnerability OBB-3934964
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2024-37022 Fuji Electric Tellus Lite V-Simulator Out-of-bounds Write
Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary...
7.8CVSS
EPSS
CVE-2024-37029 Fuji Electric Tellus Lite V-Simulator Stack-based Buffer Overflow
Fuji Electric Tellus Lite V-Simulator is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary...
7.8CVSS
EPSS
CVE-2024-37029 Fuji Electric Tellus Lite V-Simulator Stack-based Buffer Overflow
Fuji Electric Tellus Lite V-Simulator is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary...
7.8CVSS
7.7AI Score
EPSS
Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate...
EPSS
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password...
EPSS
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password...
7.1AI Score
EPSS
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write...
8.4CVSS
EPSS
A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...
4.9CVSS
5.1AI Score
EPSS
A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...
4.9CVSS
EPSS
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write...
8.4CVSS
8.4AI Score
EPSS
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password...
7.5AI Score
EPSS
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password...
EPSS
Chinese ‘Smishing Triad’ Group Targets Pakistanis with SMS Phishing
Protect yourself from Smishing attacks in Pakistan! Smishing Triad, a notorious cybercriminal group, is targeting Pakistani bank customers with fake Pakistan Post messages. Learn how to identify and avoid these scams to protect your financial...
7.2AI Score
CVE-2024-37280 Elasticsearch StackOverflow vulnerability
A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...
4.9CVSS
EPSS
CVE-2024-37280 Elasticsearch StackOverflow vulnerability
A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of...
4.9CVSS
6.7AI Score
EPSS
Cyberattack on Swedish Gambling Site During Eurovision Highlights Strategic Threats
Every year, the Eurovision Song Contest captivates millions of viewers across Europe and beyond, turning a simple music competition into a cultural phenomenon. This popularity extends to various forms of betting, with numerous gambling sites offering odds on Eurovision outcomes. Eurovision has...
7.5AI Score
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run (with the --envoy-dump flag set) against Cilium...
7.9CVSS
EPSS
UERANSIM before 3.2.6 allows out-of-bounds read when a RLS packet is sent to gNodeB with malformed PDU length. This occurs in function readOctetString in src/utils/octet_view.cpp and in function DecodeRlsMessage in...
6.8AI Score
EPSS
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run (with the --envoy-dump flag set) against Cilium...
7.9CVSS
7.7AI Score
EPSS
UERANSIM before 3.2.6 allows out-of-bounds read when a RLS packet is sent to gNodeB with malformed PDU length. This occurs in function readOctetString in src/utils/octet_view.cpp and in function DecodeRlsMessage in...
EPSS
Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...
5.4CVSS
8AI Score
EPSS
A Reflected Cross-Site Scripting (XSS) vulnerability in the blog function of Modern Campus - Omni CMS 2023.1 allows a remote attacker to inject arbitrary scripts or HTML via multiple...
5.7AI Score
EPSS
Dell SCG, versions prior to 5.22.00.00, contain a SQL Injection Vulnerability in the SCG UI for an internal audit REST API. A remote authenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...
5.4CVSS
EPSS
XPath Injection vulnerabilities in the blog and RSS functions of Modern Campus - Omni CMS 2023.1 allow a remote, unauthenticated attacker to obtain application...
EPSS
A Reflected Cross-Site Scripting (XSS) vulnerability in the blog function of Modern Campus - Omni CMS 2023.1 allows a remote attacker to inject arbitrary scripts or HTML via multiple...
EPSS
XPath Injection vulnerabilities in the blog and RSS functions of Modern Campus - Omni CMS 2023.1 allow a remote, unauthenticated attacker to obtain application...
7.4AI Score
EPSS
CVE-2024-37307 Cilium leaks sensitive information in cilium-bugtool
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.0 and prior to versions 1.13.7, 1.14.12, and 1.15.6, the output of cilium-bugtool can contain sensitive data when the tool is run (with the --envoy-dump flag set) against Cilium...
7.9CVSS
EPSS
grdb.co.uk Cross Site Scripting vulnerability OBB-3934955
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 3, 2024 to June 9, 2024)
_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...
10CVSS
8.4AI Score
EPSS
lsaw.org Cross Site Scripting vulnerability OBB-3934953
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. Starting in version 2.2.0 and prior to version 2.14.3, if an attacker can trick a logged-in CVAT user into visiting a malicious URL, they can initiate a dataset export or a backup from a...
7.1CVSS
6.8AI Score
EPSS