36104 matches found
cfj.gov.ar Cross Site Scripting vulnerability OBB-3954242
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
BELL-CVE-2024-7348
Bulletin has no description...
repository.hkust.edu.hk Cross Site Scripting vulnerability OBB-3954036
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
flex.com Cross Site Scripting vulnerability OBB-3954024
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2024-22122
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem...
PT-2024-6098 · Zabbix +4 · Zabbix +4
Name of the Vulnerable Software and Affected Versions: Zabbix versions 5.0.0 through 7.0.0rc2 Description: The issue is related to the configuration of SMS notifications in Zabbix, where an AT command injection occurs due to the lack of validation of the Number field. This allows an attacker to...
CVE-2024-42366 VR Overlay RCE
VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In additio...
ultratechcement.com Cross Site Scripting vulnerability OBB-3953908
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
VRCX 安全漏洞
VRCX is a helper/companion application for VRChat from the VRCX team. A security vulnerability exists in versions of VRCX prior to 2024.03.23, which stems from the fact that the CefSharp browser with over-privileges and cross-site scripting via override notifications can be used in combination to...
pussyboy.net Cross Site Scripting vulnerability OBB-3953825
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GLSA-202408-10 : nghttp2: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202408-10 nghttp2: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in nghttp2. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...
Gorush 安全漏洞
Gorush is a push notification server written in Go by Bo-Yi Wu, an individual developer. A security vulnerability exists in Gorush v1.18.4, which stems from the use of a deprecated version of TLS in the RunHTTPServer function. An attacker can use this vulnerability to intercept and manipulate dat...
Security Vulnerabilities fixed in Thunderbird 128.1 — Mozilla
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape....