Tuesday, July 2, 2024 Security Releases
Summary: The Node.js project will release new versions of the 22.x, 20.x, 18.x release lines on or shortly after Tuesday, July 2, 2024, in order to address: 1 high severity issue, 2 medium severity issues, 3 low severity issues. Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x...
7 AI Score
marysedemay.com Cross Site Scripting vulnerability OBB-3939713
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
renobains.com Cross Site Scripting vulnerability OBB-3939712
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by this vulnerability is an unknown functionality of the file /emgui/rest/preferences/PREF_HOME_PAGE/sponsor/3/ of the component New Widget Handler. The manipulation of the argument URL leads to cross...
2.4 CVSS
3.4 AI Score
CVE-2024-6415 Ingenico Estate Manager New Widget cross site scripting
A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by this vulnerability is an unknown functionality of the file /emgui/rest/preferences/PREF_HOME_PAGE/sponsor/3/ of the component New Widget Handler. The manipulation of the argument URL leads to cross...
2.4 CVSS
A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x. Affected is an unknown function of the file TS/export/contentpage of the component Export Page. The manipulation of the argument ID leads to direct request. It is possible to launch the attack remotely....
5.3 CVSS
5.4 AI Score
CVE-2019-20633 affecting package patch 2.7.6-8
CVE-2019-20633 affecting package patch 2.7.6-8. No patch is available...
5.5 CVSS
5.8 AI Score
0.001 EPSS
CVE-2016-2568 affecting package polkit 0.119-3
CVE-2016-2568 affecting package polkit 0.119-3. No patch is available...
7.8 CVSS
7.9 AI Score
0.0004 EPSS
CVE-2023-39326 affecting package golang for versions less than 1.21.6-1
CVE-2023-39326 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
5.3 CVSS
7.3 AI Score
0.001 EPSS
CVE-2023-24536 affecting package golang for versions less than 1.21.6-1
CVE-2023-24536 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
7.5 CVSS
7.3 AI Score
0.005 EPSS
CVE-2023-45284 affecting package golang for versions less than 1.21.6-1
CVE-2023-45284 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
5.3 CVSS
7.3 AI Score
0.001 EPSS
CVE-2023-44487 affecting package golang for versions less than 1.21.6-1
CVE-2023-44487 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...
7.5 CVSS
7.3 AI Score
0.732 EPSS
CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0
CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0. A patched version of the package is...
5.5 CVSS
6 AI Score
0.001 EPSS
CVE-2023-44487 affecting package flannel for versions less than 0.14.0-18
CVE-2023-44487 affecting package flannel for versions less than 0.14.0-18. A patched version of the package is...
7.5 CVSS
7.8 AI Score
0.732 EPSS
CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1
CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is...
8 CVSS
9.9 AI Score
0.0004 EPSS
CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1
CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is...
7.5 CVSS
9.1 AI Score
0.001 EPSS
CVE-2023-25658 affecting package tensorflow for versions less than 2.11.1-1
CVE-2023-25658 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is...
7.5 CVSS
9.1 AI Score
0.001 EPSS
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...
5.3 CVSS
6.3 AI Score
0.002 EPSS
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
6.5 CVSS
7.3 AI Score
0.001 EPSS
CVE-2023-29403 affecting package golang for versions less than 1.20.7-1
CVE-2023-29403 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.8 CVSS
7.3 AI Score
0.001 EPSS
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1. A patched version of the package is...
9.8 CVSS
10 AI Score
0.003 EPSS
CVE-2022-3857 affecting package syslinux 6.04-10
CVE-2022-3857 affecting package syslinux 6.04-10. No patch is available...
5.5 CVSS
5.5 AI Score
0.001 EPSS
CVE-2022-3162 affecting package keda 2.4.0-20
CVE-2022-3162 affecting package keda 2.4.0-20. No patch is available...
6.5 CVSS
7 AI Score
0.001 EPSS
CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1
CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1. A patched version of the package is...
7.5 CVSS
9.1 AI Score
0.001 EPSS
CVE-2023-25761 affecting package junit 4.13-5
CVE-2023-25761 affecting package junit 4.13-5. No patch is available...
5.4 CVSS
7.5 AI Score
0.001 EPSS
CVE-2022-45639 affecting package sleuthkit 4.9.0-4
CVE-2022-45639 affecting package sleuthkit 4.9.0-4. No patch is available...
7.8 CVSS
7.5 AI Score
0.004 EPSS
CVE-2022-47021 affecting package opusfile 0.12-2
CVE-2022-47021 affecting package opusfile 0.12-2. No patch is available...
7.8 CVSS
7.7 AI Score
0.0005 EPSS
CVE-2018-14628 affecting package samba 4.12.5-6
CVE-2018-14628 affecting package samba 4.12.5-6. No patch is available...
4.3 CVSS
5.1 AI Score
0.001 EPSS
CVE-2017-11548 affecting package libao 1.2.0-24
CVE-2017-11548 affecting package libao 1.2.0-24. No patch is available...
5.5 CVSS
7.5 AI Score
0.002 EPSS
CVE-2022-4123 affecting package podman 4.1.1-21
CVE-2022-4123 affecting package podman 4.1.1-21. No patch is available...
3.3 CVSS
4.3 AI Score
0.0004 EPSS
CVE-2022-4055 affecting package xdg-utils 1.1.3-7
CVE-2022-4055 affecting package xdg-utils 1.1.3-7. No patch is available...
7.4 CVSS
7.5 AI Score
0.001 EPSS
CVE-2021-3672 affecting package pgbouncer 1.16.1-1
CVE-2021-3672 affecting package pgbouncer 1.16.1-1. No patch is available...
5.6 CVSS
7 AI Score
0.002 EPSS
CVE-2022-42969 affecting package python-py 1.10.0-3
CVE-2022-42969 affecting package python-py 1.10.0-3. No patch is available...
7.5 CVSS
7.7 AI Score
0.007 EPSS
CVE-2022-36069 affecting package poetry 1.0.10-2
CVE-2022-36069 affecting package poetry 1.0.10-2. No patch is available...
7.3 CVSS
7.3 AI Score
0.001 EPSS
CVE-2022-1615 affecting package samba 4.12.5-6
CVE-2022-1615 affecting package samba 4.12.5-6. No patch is available...
5.5 CVSS
5.9 AI Score
0.001 EPSS
CVE-2022-36033 affecting package jsoup 1.11.3-3
CVE-2022-36033 affecting package jsoup 1.11.3-3. No patch is available...
6.1 CVSS
8 AI Score
0.001 EPSS
CVE-2021-3670 affecting package samba 4.12.5-6
CVE-2021-3670 affecting package samba 4.12.5-6. No patch is available...
6.5 CVSS
6.8 AI Score
0.003 EPSS
CVE-2020-17049 affecting package samba 4.12.5-6
CVE-2020-17049 affecting package samba 4.12.5-6. No patch is available...
6.6 CVSS
7.9 AI Score
0.027 EPSS
CVE-2021-33463 affecting package yasm 1.3.0-15
CVE-2021-33463 affecting package yasm 1.3.0-15. No patch is available...
5.5 CVSS
5.6 AI Score
0.001 EPSS
CVE-2021-33460 affecting package yasm 1.3.0-15
CVE-2021-33460 affecting package yasm 1.3.0-15. No patch is available...
5.5 CVSS
5.6 AI Score
0.001 EPSS
CVE-2021-33458 affecting package yasm 1.3.0-15
CVE-2021-33458 affecting package yasm 1.3.0-15. No patch is available...
5.5 CVSS
5.6 AI Score
0.001 EPSS
CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15
CVE-2021-33454 affecting package yasm for versions less than 1.3.0-15. No patch is available...
5.5 CVSS
5.6 AI Score
0.001 EPSS
CVE-2021-3738 affecting package samba 4.12.5-6
CVE-2021-3738 affecting package samba 4.12.5-6. No patch is available...
8.8 CVSS
7.9 AI Score
0.002 EPSS
CVE-2021-23192 affecting package samba 4.12.5-6
CVE-2021-23192 affecting package samba 4.12.5-6. No patch is available...
7.5 CVSS
7.6 AI Score
0.001 EPSS
CVE-1999-0901 affecting package ypserv 4.1-4
CVE-1999-0901 affecting package ypserv 4.1-4. No patch is available...
6.9 AI Score
0.0004 EPSS
CVE-2019-17414 affecting package vino 3.22.0-20
CVE-2019-17414 affecting package vino 3.22.0-20. No patch is available...
7.5 CVSS
7.7 AI Score
0.002 EPSS
CVE-2005-0868 affecting package tn5250 0.17.4-26
CVE-2005-0868 affecting package tn5250 0.17.4-26. No patch is available...
7.3 AI Score
0.002 EPSS
CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20
CVE-2012-3381 affecting package sblim-sfcb 1.4.9-20. No patch is available...
6.8 AI Score
0.0004 EPSS