Lucene search
K

36104 matches found

Openbugbounty
Openbugbounty
added 2024/08/10 9:33 a.m.8 views

cfj.gov.ar Cross Site Scripting vulnerability OBB-3954242

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2024/08/10 5:57 a.m.2 views

BELL-CVE-2024-7348

Bulletin has no description...

7.5CVSS7.6AI score0.01565EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2024/08/09 5:39 p.m.8 views

repository.hkust.edu.hk Cross Site Scripting vulnerability OBB-3954036

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/08/09 4:27 p.m.8 views

flex.com Cross Site Scripting vulnerability OBB-3954024

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Debian CVE
Debian CVE
added 2024/08/09 8:46 a.m.16 views

CVE-2024-22122

Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...

9.1CVSS4.7AI score0.01606EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/09 12:0 a.m.7 views

PT-2024-6098 · Zabbix +4 · Zabbix +4

Name of the Vulnerable Software and Affected Versions: Zabbix versions 5.0.0 through 7.0.0rc2 Description: The issue is related to the configuration of SMS notifications in Zabbix, where an AT command injection occurs due to the lack of validation of the Number field. This allows an attacker to...

9.9CVSS6.3AI score0.76618EPSS
Exploits8References100
Vulnrichment
Vulnrichment
added 2024/08/08 4:51 p.m.29 views

CVE-2024-42366 VR Overlay RCE

VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In additio...

9CVSS6.8AI score0.00743EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2024/08/08 9:30 a.m.11 views

ultratechcement.com Cross Site Scripting vulnerability OBB-3953908

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
CNNVD
CNNVD
added 2024/08/08 12:0 a.m.4 views

VRCX 安全漏洞

VRCX is a helper/companion application for VRChat from the VRCX team. A security vulnerability exists in versions of VRCX prior to 2024.03.23, which stems from the fact that the CefSharp browser with over-privileges and cross-site scripting via override notifications can be used in combination to...

9CVSS6.4AI score0.00743EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2024/08/07 8:38 p.m.12 views

pussyboy.net Cross Site Scripting vulnerability OBB-3953825

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/07 12:0 a.m.32 views

GLSA-202408-10 : nghttp2: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202408-10 nghttp2: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in nghttp2. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...

7.5CVSS7.3AI score0.99999EPSS
Exploits20References5
AlpineLinux
AlpineLinux
added 2024/08/06 1:15 p.m.17 views

CVE-2024-7518

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

8.7AI score0.0048EPSS
Exploits0
NVD
NVD
added 2024/08/06 1:15 p.m.18 views

CVE-2024-7518

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

6.5CVSS0.0048EPSS
Exploits0References4
OSV
OSV
added 2024/08/06 1:15 p.m.3 views

CVE-2024-7518

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

6.5CVSS5.6AI score0.0048EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/08/06 1:15 p.m.14 views

CVE-2024-7518

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

6.5CVSS6.8AI score0.0048EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/08/06 12:38 p.m.24 views

CVE-2024-7518

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

0.0048EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/08/06 12:38 p.m.17 views

CVE-2024-7518

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

8.6AI score0.0048EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/08/06 12:38 p.m.9 views

CVE-2024-7518

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

6.5CVSS7.3AI score0.0048EPSS
Exploits0
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.4 views

Gorush 安全漏洞

Gorush is a push notification server written in Go by Bo-Yi Wu, an individual developer. A security vulnerability exists in Gorush v1.18.4, which stems from the use of a deprecated version of TLS in the RunHTTPServer function. An attacker can use this vulnerability to intercept and manipulate dat...

9.1CVSS6.5AI score0.00308EPSS
Exploits0References2
Mozilla
Mozilla
added 2024/08/06 12:0 a.m.28 views

Security Vulnerabilities fixed in Thunderbird 128.1 — Mozilla

Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape....

9.8CVSS7AI score0.00602EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder