Windows Server 2008 SP2 And R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold And R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, And 1703, And Windows Server 2016 Security Vulnerabilities

schneier

Exploiting Mistyped URLs

Interesting research: "Hyperlink Hijacking: Exploiting Erroneous URL Links to Phantom Domains": Abstract: Web users often follow hyperlinks hastily, expecting them to be correctly programmed. However, it is possible those links contain typos or other mistakes. By discovering active but erroneous...

2024-06-10 11:08 AM
openbugbounty

caetanobavierabmw.pt Cross Site Scripting vulnerability OBB-3934443

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 10:34 AM
1
openbugbounty

businessrescueexpert.co.uk Cross Site Scripting vulnerability OBB-3934440

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 10:30 AM
openbugbounty

businessbroker.net Improper Access Control vulnerability OBB-3934439

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 10:29 AM
openbugbounty

cordenperimetersystems.co.uk Cross Site Scripting vulnerability OBB-3934434

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 10:06 AM
1
openbugbounty

fjaproducts.com Cross Site Scripting vulnerability OBB-3934435

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 10:06 AM
2
openbugbounty

indre44.fr Cross Site Scripting vulnerability OBB-3934433

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 10:05 AM
openbugbounty

changepeople.org Cross Site Scripting vulnerability OBB-3934432

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 10:05 AM
2
openbugbounty

events.armybenevolentfund.org Cross Site Scripting vulnerability OBB-3934430

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 10:04 AM
securelist

Bypassing 2FA with phishing and OTP bots

Introduction: Two-factor authentication (2FA) is a security feature we have come to expect as standard by 2024. Most of today's websites offer some form of it, and some of them won't even let you use their service until you enable 2FA. Individual countries have adopted laws that require certain...

2024-06-10 10:00 AM
openbugbounty

buboquote.com Cross Site Scripting vulnerability OBB-3934423

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 09:28 AM
3
openbugbounty

brookstradingcourse.com Cross Site Scripting vulnerability OBB-3934421

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 09:27 AM
2
openbugbounty

brooksplace.org Cross Site Scripting vulnerability OBB-3934417

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 09:24 AM
3
openbugbounty

florisbooks.co.uk Cross Site Scripting vulnerability OBB-3934416

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

2024-06-10 09:13 AM
3
cbl_mariner

CVE-2022-4055 affecting package xdg-utils 1.1.3-7

CVE-2022-4055 affecting package xdg-utils 1.1.3-7. No patch is available...

7.4 CVSS

7.5 AI Score

0.001 EPSS

2024-06-10 09:08 AM
9
cbl_mariner

CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20

CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20. No patch is available...

6.8 AI Score

0.0004 EPSS

2024-06-10 09:08 AM
4
cbl_mariner

CVE-2012-2653 affecting package arpwatch 2.1a15-51

CVE-2012-2653 affecting package arpwatch 2.1a15-51. No patch is available...

9.5 AI Score

0.011 EPSS

2024-06-10 09:08 AM
21
cbl_mariner

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

7.5 CVSS

7 AI Score

0.001 EPSS

2024-06-10 09:08 AM
29
cbl_mariner

CVE-2023-0687 affecting package glibc 2.35-7

CVE-2023-0687 affecting package glibc 2.35-7. This CVE either no longer is or was never...

9.8 CVSS

9.6 AI Score

0.001 EPSS

2024-06-10 09:08 AM
11
cbl_mariner

CVE-2022-1941 affecting package grpc 1.42.0-7

CVE-2022-1941 affecting package grpc 1.42.0-7. This CVE either no longer is or was never...

7.5 CVSS

8 AI Score

0.002 EPSS

2024-06-10 09:08 AM
2
cbl_mariner

CVE-2022-40898 affecting package python-wheel 0.33.6-7

CVE-2022-40898 affecting package python-wheel 0.33.6-7. No patch is available...

7.5 CVSS

7.7 AI Score

0.003 EPSS

2024-06-10 09:08 AM
1
cbl_mariner

CVE-2016-2124 affecting package samba 4.12.5-6

CVE-2016-2124 affecting package samba 4.12.5-6. No patch is available...

5.9 CVSS

6.8 AI Score

0.002 EPSS

2024-06-10 09:08 AM
1
cbl_mariner

CVE-2016-4912 affecting package openslp 2.0.0-26

CVE-2016-4912 affecting package openslp 2.0.0-26. No patch is available...

7.5 CVSS

7.7 AI Score

0.002 EPSS

2024-06-10 09:08 AM
cbl_mariner

CVE-2022-43552 affecting package cmake 3.21.4-10

CVE-2022-43552 affecting package cmake 3.21.4-10. No patch is available...

5.9 CVSS

8 AI Score

0.001 EPSS

2024-06-10 09:08 AM
1
cbl_mariner

CVE-2020-27748 affecting package xdg-utils 1.1.3-7

CVE-2020-27748 affecting package xdg-utils 1.1.3-7. No patch is available...

6.5 CVSS

7.5 AI Score

0.002 EPSS

2024-06-10 09:08 AM
cbl_mariner

CVE-2019-16707 affecting package hunspell 1.7.0-7

CVE-2019-16707 affecting package hunspell 1.7.0-7. This CVE either no longer is or was never...

6.5 CVSS

7 AI Score

0.003 EPSS

2024-06-10 09:08 AM
2
cbl_mariner

CVE-2010-4756 affecting package glibc 2.35-7

CVE-2010-4756 affecting package glibc 2.35-7. This CVE either no longer is or was never...

6.4 AI Score

0.008 EPSS

2024-06-10 09:08 AM
11
cbl_mariner

CVE-2023-25153 affecting package k3s for versions less than 1.25.5-7

CVE-2023-25153 affecting package k3s for versions less than 1.25.5-7. This CVE either no longer is or was never...

6.2 CVSS

6.9 AI Score

0.001 EPSS

2024-06-10 09:08 AM
1
cbl_mariner

CVE-2016-1000104 affecting package mod_fcgid 2.3.9-21

CVE-2016-1000104 affecting package mod_fcgid 2.3.9-21. No patch is available...

8.8 CVSS

8.9 AI Score

0.008 EPSS

2024-06-10 09:08 AM
1
cbl_mariner

CVE-2016-2568 affecting package polkit 0.119-3

CVE-2016-2568 affecting package polkit 0.119-3. No patch is available...

7.8 CVSS

7.9 AI Score

0.0004 EPSS

2024-06-10 09:08 AM
1
cbl_mariner

CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0

CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0. A patched version of the package is...

5.5 CVSS

6 AI Score

0.001 EPSS

2024-06-10 09:08 AM
18
cbl_mariner

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...

7.5 CVSS

7.8 AI Score

0.732 EPSS

2024-06-10 09:08 AM
32
cbl_mariner

CVE-2022-3857 affecting package syslinux 6.04-10

CVE-2022-3857 affecting package syslinux 6.04-10. No patch is available...

5.5 CVSS

5.5 AI Score

0.001 EPSS

2024-06-10 09:08 AM
15
cbl_mariner

CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10

CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is...

7.5 CVSS

7.8 AI Score

0.732 EPSS

2024-06-10 09:08 AM
2
cbl_mariner

CVE-2024-23653 affecting package moby-compose for versions less than 2.17.2-7

CVE-2024-23653 affecting package moby-compose for versions less than 2.17.2-7. A patched version of the package is...

9.8 CVSS

7.3 AI Score

0.001 EPSS

2024-06-10 09:08 AM
3
cbl_mariner

CVE-2022-4904 affecting package grpc 1.42.0-7

CVE-2022-4904 affecting package grpc 1.42.0-7. No patch is available...

8.6 CVSS

8.9 AI Score

0.001 EPSS

2024-06-10 09:08 AM
1
cbl_mariner

CVE-2023-23916 affecting package cmake 3.21.4-10

CVE-2023-23916 affecting package cmake 3.21.4-10. No patch is available...

6.5 CVSS

8.3 AI Score

0.001 EPSS

2024-06-10 09:08 AM
1
cbl_mariner

CVE-2023-23915 affecting package cmake 3.21.4-10

CVE-2023-23915 affecting package cmake 3.21.4-10. No patch is available...

6.5 CVSS

8 AI Score

0.001 EPSS

2024-06-10 09:08 AM
1
cbl_mariner

CVE-2021-46023 affecting package rust 1.72.0-7

CVE-2021-46023 affecting package rust 1.72.0-7. This CVE either no longer is or was never...

7.5 CVSS

7.6 AI Score

0.001 EPSS

2024-06-10 09:08 AM
3
wolfi

CVE-2022-36227 vulnerabilities

Vulnerabilities for packages:...

9.8 CVSS

7.7 AI Score

0.005 EPSS

2024-06-10 09:07 AM
260
wolfi

GHSA-95PR-FXF5-86GV vulnerabilities

Vulnerabilities for packages: ko, zarf, gitsign, vexctl, skaffold, kubescape, falcoctl, spire-server, slsa-verifier, tekton-chains, zot, policy-controller, wolfictl, apko, tkn, aactl, goreleaser, falco, neuvector-sigstore-interface, melange,...

7.5 AI Score

2024-06-10 09:07 AM
58
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: kubevela, dynamic-localpv-provisioner, haproxy-ingress, prometheus-blackbox-exporter, terraform-provider-azurerm, nats, dotnet, secrets-store-csi-driver, kind, oauth2-proxy, prometheus-elasticsearch-exporter, minio, tomcat, falco, kaf, gitlab-runner,...

7.5 CVSS

9 AI Score

0.732 EPSS

2024-06-10 09:07 AM
542
wolfi

CVE-2024-29018 vulnerabilities

Vulnerabilities for packages: ko, prometheus, ctop, kargo, telegraf, grype, kubescape, loki, spire-server, dagger, up, conftest, zot, wolfictl, tkn, syft, aactl, goreleaser, kaniko, buildkitd, buf, trivy, melange, crossplane, datadog-agent, docker-compose,...

5.9 CVSS

5.9 AI Score

0.0004 EPSS

2024-06-10 09:07 AM
125
wolfi

GHSA-2C7C-3MJ9-8FQH vulnerabilities

Vulnerabilities for packages: argo-workflows, flux-kustomize-controller, gitsign, vexctl, cert-manager, kubescape, spire-server, vault, cloudflared, slsa-verifier, external-secrets-operator, tekton-chains, cosign, argo-cd, tkn, rekor, keda, oauth2-proxy, sops, aactl, tekton-pipelines, falco,...

7.5 AI Score

2024-06-10 09:07 AM
320
wolfi

GHSA-JQ35-85CJ-FJ4P vulnerabilities

Vulnerabilities for packages: prometheus, ctop, k3d, skaffold, kpt, cert-manager, kubescape, loki, up, slsa-verifier, tekton-chains, aactl, tekton-pipelines, goreleaser, falco, k3s, bom, scorecard, paranoia,...

7.5 AI Score

2024-06-10 09:07 AM
315
wolfi

GHSA-MQ39-4GV4-MVPX vulnerabilities

Vulnerabilities for packages: ko, prometheus, ctop, kargo, telegraf, grype, kubescape, loki, spire-server, dagger, up, conftest, zot, wolfictl, tkn, syft, aactl, goreleaser, kaniko, buildkitd, buf, trivy, melange, crossplane, datadog-agent, docker-compose,...

7.5 AI Score

2024-06-10 09:07 AM
117
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: nuclei, prometheus-operator, argo-workflows, litefs, runc, vexctl, hubble-ui, golangci-lint, kubevela, k9s, dynamic-localpv-provisioner, nerdctl, weaviate, haproxy-ingress, flux-image-automation-controller, terraform-provider-azurerm, kustomize,...

7.5 AI Score

2024-06-10 09:07 AM
144
wolfi

GHSA-R53H-JV2G-VPX6 vulnerabilities

Vulnerabilities for packages: eksctl, kots, up, zarf, flux-helm-controller, helm-operator, k9s, cilium-cli, flux-source-controller, cert-manager, istio-operator, kubescape, zot, chartmuseum, trivy, k8sgpt,...

7.5 AI Score

2024-06-10 09:07 AM
72
wolfi

CVE-2024-0874 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, consul,...

5.3 CVSS

5.5 AI Score

0.0004 EPSS

2024-06-10 09:07 AM
31
wolfi

GHSA-HMR7-M48G-48F6 vulnerabilities

Vulnerabilities for packages: cloudwatch-exporter,...

7.5 AI Score

2024-06-10 09:07 AM
182
Total number of security vulnerabilities: 2976989