368 matches found
Exploit for Special Element Injection in Google Android
!python-static-badgehttps://img.shields.io/badge/Python-blue?...
PT-2024-23976 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to the March 2024 patch Description: The issue is related to a missing permission check that allows bypassing restrictions on adding new Wi-Fi connections. This could lead to local escalation of privilege with no...
South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware
An unnamed South Korean enterprise resource planning ERP vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center ASEC, which identified the attack in May 2024, did not attribute it to a known threat act...
Fedora 38 : dotnet8.0 (2024-1ef4b14811)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1ef4b14811 advisory. This is the March 2024 monthly update for .NET 8 for Fedora. Release Notes: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.3/8.0.3.md Tenable...
CISA Known Exploited Vulnerability Catalog March 2024
Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce...
CISA Known Exploited Vulnerability Catalog March 2024
For a detailed CISAs KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog,...
visit.freiburg.de Cross Site Scripting vulnerability OBB-3891054
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
royale-chulan.hotels-in-kuala-lumpur.com Cross Site Scripting vulnerability OBB-3891034
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
avomm.com Cross Site Scripting vulnerability OBB-3890929
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
alanstewartproductions.be Cross Site Scripting vulnerability OBB-3890828
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
projetest.com.br Cross Site Scripting vulnerability OBB-3890800
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
nahverkehrsportal.de Cross Site Scripting vulnerability OBB-3890725
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Xpro Elementor Addons Plugin <= 1.4.2 is vulnerable to Cross Site Scripting (XSS)
Software Xpro Elementor Addons Type Plugin Vulnerable versions = 1.4.2 Fixed in 1.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2250 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7f86252c86a0 Credits Francesco Carlucci...
WordPress pageMash > Page Management Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software pageMash Page Management Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31087 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 77d83c9f1a3c Credits Dimas Maulana Required...
WordPress Woocommerce Social Media Share Buttons Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software Woocommerce Social Media Share Buttons Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31109 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2941fe56e84a Credits Dimas Maula...
WordPress Hacklog Down As PDF Plugin <= 2.3.6 is vulnerable to Cross Site Scripting (XSS)
Software Hacklog Down As PDF Type Plugin Vulnerable versions = 2.3.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31090 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 688ae2dee281 Credits Dimas Maulana Required privile...
colchesterfuneral.frontrunnerpro.com Cross Site Scripting vulnerability OBB-3890260
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
proshop-fujioka.co.jp Cross Site Scripting vulnerability OBB-3890240
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bayceer.uni-bayreuth.de Cross Site Scripting vulnerability OBB-3890135
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tennoji-itkaikei.ac.jp Cross Site Scripting vulnerability OBB-3889875
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...