There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions...
5.9CVSS
0.002EPSS
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions...
5.9CVSS
5.5AI Score
0.002EPSS
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions...
5.9CVSS
5.5AI Score
0.002EPSS
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions...
5.7AI Score
0.002EPSS
gites-espace-detente.com Cross Site Scripting vulnerability OBB-2233268
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
There is an out of bounds write vulnerability in some Huawei ...
7.5CVSS
7.2AI Score
0.001EPSS
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions...
7.5CVSS
7.4AI Score
0.001EPSS
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions...
7.5CVSS
0.001EPSS
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions...
7.5CVSS
7.4AI Score
0.001EPSS
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions...
7.6AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Solarwinds Orion Platform
CVE-2021-35215 SolarWinds Orion Platform ActionPluginBaseView...
8.9CVSS
8.9AI Score
0.121EPSS
Security Advisory - Out of Bounds Write Vulnerability in Some Huawei Products
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition. (Vulnerability ID:...
7.5CVSS
6.9AI Score
0.001EPSS
Many individuals know about red groups ‒ moral programmers who test the security protections of an association by dispatching assaults in a controlled climate. Red groups are gone against by blue groups, who are entrusted with assessing an association’s security availability, forestalling red...
-0.4AI Score
A3: Sensitive Data Exposure ❗️ — Top 10 OWASP 2017
A3: Sensitive Data Exposure ❗️ — Top 10 OWASP 2017 Introduction I feel like a lot of mystery surrounds this issue from the top 10 OWASP vulnerabilities. A lot of people seem to wonder which data is sensitive when exposed. Some people seem to think every single API key disclosed in a JS file is a...
7.5CVSS
7.7AI Score
0.001EPSS
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting...
6.1CVSS
6AI Score
0.002EPSS
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting...
6.1CVSS
0.002EPSS
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting...
6.1CVSS
6.1AI Score
0.002EPSS
CVE-2021-24435 Titan Framework <= 1.12.1 - Reflected Cross-Site Scripting (XSS)
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting...
6.3AI Score
0.002EPSS
Watch what you send on anonymous SMS websites
It's a good idea to try and keep certain things private. For example, people have been using anonymous email services for years. These either hide your real email address, or replace it entirely for specific tasks. Folks will go one step further, setting aliases for each service they sign up to....
-0.5AI Score
WordPress Woosaleskit Bar plugin <= 1.0.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Woosaleskit Bar plugin (versions <= 1.0.0). Solution This plugin has been closed as of May 2, 2019 and is not available for download. Reason: Guideline...
3.1AI Score
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Events Shortcodes & Templates For The Events Calendar plugin (versions <= 1.7.1). Solution Update the WordPress Events Shortcodes & Templates For The Events Calendar plugin to the latest...
2AI Score
WordPress Venture Event Manager plugin <= 3.2.4 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Venture Event Manager plugin (versions <= 3.2.4). Solution Update the WordPress Venture Event Manager plugin to the latest available version (at least...
2.1AI Score
WordPress BetterOptin plugin <= 2.0.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress BetterOptin plugin (versions <= 2.0.2). Solution This plugin has been closed and is no longer available for...
3.1AI Score
WordPress WP Mobile Menu plugin <= 2.8.2.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress WP Mobile Menu plugin (versions <= 2.8.2.2). Solution Update the WordPress WP Mobile Menu plugin to the latest available version (at least...
2AI Score
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Total Sales For Woocommerce plugin (versions <= 1.1). Solution 2021-08-27 - no patched version...
2.1AI Score
WordPress Awesome Support plugin <= 6.0.8 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Awesome Support plugin (versions <= 6.0.8). Solution Update the WordPress Awesome Support plugin to the latest available version (at least...
2.1AI Score
WordPress Icons with Links Widget plugin <= 1.2 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Icons with Links Widget plugin (versions <= 1.2). Solution This plugin has been closed as of July 5, 2021 and is not available for download. This closure is temporary, pending a full...
2.6AI Score
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Request Quote via Whatsapp for Woocommerce plugin (versions <= 1.0.1). Solution This plugin has been closed as of September 25, 2019 and is not available for...
3.9AI Score
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex in WordPress 4k Icons for Visual Composer plugin (versions <= 1.0). Solution This plugin has been closed and is no longer available for...
6.1CVSS
3.1AI Score
0.002EPSS
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Ad Blocker Notify Lite plugin (versions <= 2.4.0). Solution 2021-08-25 - no patched version is available. Deactivate and...
2.5AI Score
Titan Framework <= 1.12.1 - Reflected Cross-Site Scripting (XSS)
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting issues Edit (WPScanTeam): - The original report mentioned the issue in the...
6.1CVSS
0.1AI Score
0.002EPSS
WordPress Border Loading Bar plugin <= 1.0.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Border Loading Bar plugin (versions <= 1.0.1). Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full...
2.5AI Score
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Facebook Page Feed Timeline plugin (versions <= 1.0). Solution This plugin has been closed as of July 15, 2019 and is not available for download. This closure is permanent. Reason: Author...
2AI Score
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Product Limited Time Availability Date for WooCommerce plugin (versions <= 1.0.1). Solution 2021-08-27 - no patched version...
1.9AI Score
WordPress AMP extensions plugin <= 1.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress AMP extensions plugin (versions <= 1.1). Solution 2021-08-25 - no patched version is available. Deactivate and...
2.4AI Score
Titan Framework <= 1.12.1 - Reflected Cross-Site Scripting (XSS)
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting issues Edit (WPScanTeam): - The original report mentioned the issue in the...
6.1CVSS
0.5AI Score
0.002EPSS
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex in WordPress Disable Image Right Click plugin (versions <= 1.0). Solution Deactivate and delete. This plugin has been closed as of January 6, 2022 and is not available for download. This closure is temporary, pending a full.....
6.1CVSS
1.7AI Score
0.002EPSS
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress W3SCloud Contact Form 7 to Zoho CRM plugin (versions <= 1.1.0). Solution Update the WordPress W3SCloud Contact Form 7 to Zoho CRM plugin to the latest available version (at least...
2AI Score
WordPress Stars Menu plugin <= 1.0.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Stars Menu plugin (versions <= 1.0.1). Solution 2021-08-27 - no patched version...
2.2AI Score
WordPress Кнопка Яндекс Денег plugin <= 2.3.3 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Кнопка Яндекс Денег plugin (versions <= 2.3.3). Solution Update the WordPress Кнопка Яндекс Денег plugin to the latest available version (at least...
1.6AI Score
WordPress Affiliate PRO plugin <= 1.3.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Affiliate PRO plugin (versions <= 1.3.1). Solution This plugin has been closed and is no longer available for...
3.9AI Score
WordPress tcS3 plugin <= 2.1.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress tcS3 plugin (versios <= 2.1.1). Solution 2021-08-27 - no patched version...
2.1AI Score
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress TR Easy Google Analytics plugin (versions <= 1.0.0). Solution This plugin has been closed as of October 23, 2018 and is not available for download. Reason: Guideline...
3.1AI Score
WordPress Titan Framework plugin <= 1.12.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Titan Framework plugin (versions <= 1.12.1). Solution This plugin has been closed as of March 16, 2021 and is not available for download. This closure is permanent. Reason: Author...
6.1CVSS
2.7AI Score
0.002EPSS
WordPress Sticky Related Posts <= 1.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Sticky Related Posts (versions <= 1.0). Solution This plugin has been closed as of January 28, 2021 and is not available for download. This closure is permanent. Reason: Author...
2.5AI Score
WordPress WebHotelier plugin <= 1.6.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress WebHotelier plugin (versions <= 1.6.0). Solution Update the WordPress WebHotelier plugin to the latest available version (at least...
2.2AI Score
WordPress Aoi Tori plugin <= 1.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Aoi Tori plugin (versions <= 1.1). Solution 2021-08-25 - no patched version is available. Deactivate and...
2.4AI Score
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex in WordPress Custom Text Selection Colors plugin (versions <= 1.0). Solution Deactivate and delete. This plugin has been closed as of January 6, 2022 and is not available for download. This closure is temporary, pending a ful...
6.1CVSS
2AI Score
0.002EPSS
WordPress Station Pro plugin <= 2.2.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by iohex and WPScanTeam in WordPress Station Pro plugin (versions <= 2.2.1). Solution Update the WordPress Station Pro plugin to the latest available version (at least...
2.2AI Score
Defending Against Malicious Cyber Activity Originating from Tor
Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. This advisory—written by the Cybersecurity Security and Infrastructure...
9.2AI Score