Dell Client BIOS Improper Input Validation (DSA-2024-167)
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. Note that Nessus has not tested for this issue but has...
5.1CVSS
6.6AI Score
0.0004EPSS
Dell Client BIOS Multiple Vulnerabilities (DSA-2024-124)
Dell Client Platform BIOS contains multiple Improper Input Validation vulnerabilities in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. Note that Nessus has not tested for this issue but has...
7.5CVSS
6.9AI Score
0.0004EPSS
Dell Client BIOS Improper Input Validation (DSA-2024-125)
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. Note that Nessus has not tested for this issue but has instead...
7.5CVSS
6.8AI Score
0.0004EPSS
RHEL 5 : libxrender (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...
9.8CVSS
10AI Score
0.014EPSS
RHEL 7 : libxrender (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...
9.8CVSS
7.9AI Score
0.014EPSS
RHEL 6 : libxrender (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...
9.8CVSS
10AI Score
0.014EPSS
RHEL 7 : webkitgtk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. webkitgtk: heap-based buffer overflow (WSA-2015-0001) (CVE-2014-1303) webkitgtk: Processing web content...
9.8CVSS
10AI Score
0.961EPSS
RHEL 6 : webkitgtk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. WebKit: Improper handling of data types from event objects (CVE-2010-4205) webkitgtk: heap-based buffer...
9.8CVSS
9.6AI Score
0.961EPSS
(RHSA-2024:2736) Moderate: openstack-tripleo-heat-templates and tripleo-ansible update
openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools (codename heat), which can be used to help deploy OpenStack. Security Fix(es): tripleo-ansible: bind keys are world readable (CVE-2023-6725) For more details about the security issue(s), including the...
6.5AI Score
0.0004EPSS
RHEL 9 : openstack-tripleo-heat-templates and tripleo-ansible update (Moderate) (RHSA-2024:2736)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2736 advisory. openstack-tripleo-heat-templates is a collection of OpenStack Orchestration templates and tools (codename heat), which can be used to help deploy...
6.6CVSS
6.5AI Score
0.0004EPSS
RHEL 6 : libxrender (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...
10AI Score
0.014EPSS
RHEL 5 : libxrender (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...
10AI Score
0.014EPSS
RHEL 7 : libxrender (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...
10AI Score
0.014EPSS
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_gmaps' shortcode in all versions up to, and including, 2.15.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes....
6.4CVSS
5.7AI Score
0.001EPSS
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_gmaps' shortcode in all versions up to, and including, 2.15.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes....
6.4CVSS
5.7AI Score
0.001EPSS
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_gmaps' shortcode in all versions up to, and including, 2.15.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes....
6.4CVSS
5.9AI Score
0.001EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 209 vulnerabilities disclosed in 169...
9.9AI Score
EPSS
Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_gmaps' shortcode due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject.....
6.4CVSS
5.7AI Score
0.001EPSS
espace-ethique-normandie.fr Cross Site Scripting vulnerability OBB-3915175
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
espace-lumiere.fr Cross Site Scripting vulnerability OBB-3872126
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
espace-design.lu Improper Access Control vulnerability OBB-3845286
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery
The Ray Dashboard API is affected by a Server-Side Request Forgery (SSRF) vulnerability in the url parameter of the /log_proxy API endpoint. The API does not perform sufficient input validation within the affected parameter and any HTTP or HTTPS URLs are accepted as...
9.1CVSS
8.6AI Score
0.326EPSS
espace-enchere-sud-aquitaine.fr Improper Access Control vulnerability OBB-3824483
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
espace-diamant.ajaccio.fr Cross Site Scripting vulnerability OBB-3777428
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
espace-ultradanse.fr Cross Site Scripting vulnerability OBB-3728272
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
Oracle Linux 7 : ELSA-2017-1308-1: / kernel (ELSA-2017-13081)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-13081 advisory. The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by...
7.1AI Score
0.001EPSS
Malicious code in discord.js-v12-lukyy (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (84f8bf74e566b2971105d1d8482b27bb35a3cd1aa60def4e10b9ae09a4397da8) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
Malicious code in fca-donqdev (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (8aa466b4d3fe8071af6cbd682f544cd5681044d56a9d7b8816fc38424034230a) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
7AI Score
espace-numerique-entreprises.corsica Cross Site Scripting vulnerability OBB-3570484
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
espace-terroir.ch Cross Site Scripting vulnerability OBB-3524241
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
espace-ultradanse.fr Cross Site Scripting vulnerability OBB-3513703
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
espace-lumiere.fr Cross Site Scripting vulnerability OBB-3503840
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
espace-motos.fr Cross Site Scripting vulnerability OBB-3493242
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
espace-crequi.fr Cross Site Scripting vulnerability OBB-3493240
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
WP Abstracts <= 2.6.2 - Cross-Site Request Forgery
The plugin does not sufficiently verify requests use nonces, leading to a CSRF...
8.8CVSS
6.8AI Score
0.001EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI...
6.7CVSS
6.2AI Score
0.0004EPSS