CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Openbugbounty•added 2024/01/20 11:8 a.m.•8 views

the291.com Cross Site Scripting vulnerability OBB-3839220

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Openbugbounty•added 2024/01/19 9:48 p.m.•5 views

shisha-rauchen.info Improper Access Control vulnerability OBB-3838916

Openbugbounty•added 2024/01/19 8:57 p.m.•7 views

namagolshan.ir Improper Access Control vulnerability OBB-3838815

Openbugbounty•added 2024/01/19 8:24 p.m.•9 views

kopfing.info Improper Access Control vulnerability OBB-3838746

Openbugbounty•added 2024/01/19 7:38 p.m.•5 views

ciprianigroup.it Improper Access Control vulnerability OBB-3838677

Openbugbounty•added 2024/01/19 7:25 p.m.•5 views

centromedicocopiano.it Improper Access Control vulnerability OBB-3838647

Openbugbounty•added 2024/01/19 6:55 p.m.•8 views

carroluigi.it Improper Access Control vulnerability OBB-3838583

Rapid7 Blog•added 2024/01/19 3:40 p.m.•80 views

Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server

Rapid7 is highlighting two critical vulnerabilities in outdated versions of widely deployed software this week. Atlassian disclosed CVE-2023-22527, a template injection vulnerability in Confluence Server with a maxed-out CVSS score of 10, while VMware pushed a fresh update to its October 2023...

10CVSS10AI score0.99999EPSS

Exploits121

Github Security Blog•added 2024/01/19 3:28 p.m.•18 views

Validation of `VoteExtensionsEnableHeight` can cause chain halt in Go package github.com/cometbft/cometbft

Summary A vulnerability in CometBFT’s validation logic for VoteExtensionsEnableHeight can result in a chain halt when triggered through a governance parameter change proposal on an ABCI2 Application Chain. If a parameter change proposal including a VoteExtensionsEnableHeight modification is passe...

6.7AI score

Exploits0References3Affected Software1

Malwarebytes•added 2024/01/19 1:2 p.m.•33 views

CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities

The Cybersecurity and Infrastructure Security Agency CISA has added two Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities catalog, and it has set the “due date” a week after they were added. Federal Civilian Executive Branch FCEB agencies are handed specific deadlines for wh...

6.5CVSS8.6AI score0.57633EPSS

HackRead•added 2024/01/19 12:32 p.m.•7 views

Critical “PixieFail” Flaws Expose Millions of Devices to Cyberattacks

By Deeba Ahmed Quarkslab Discovers "PixieFail" Vulnerabilities: Critical Flaws in Open Source UEFI Code Require Immediate Patching. This is a post from HackRead.com Read the original post: Critical "PixieFail" Flaws Expose Millions of Devices to Cyberattacks...

7.4AI score

Openbugbounty•added 2024/01/18 7:54 p.m.•6 views

rcm.asso-web.com Cross Site Scripting vulnerability OBB-3837715

Openbugbounty•added 2024/01/18 6:11 p.m.•11 views

cashbi.ru Cross Site Scripting vulnerability OBB-3837662

hivepro•added 2024/01/18 9:49 a.m.•41 views

Citrix Warns of Critical Netscaler Flaws Actively Exploited in Attacks – Urges Immediate Patching

Summary: Two zero-day security vulnerabilities, identified as CVE-2023-6548 and CVE-2023-6549, have been discovered in NetScaler ADC and NetScaler Gateway. These vulnerabilities are actively exploited in the wild. CVE-2023-6548 affects the NetScaler management interface, potentially leading to...

6.4CVSS7.8AI score0.57633EPSS

Openbugbounty•added 2024/01/18 6:7 a.m.•13 views

adesso.com Cross Site Scripting vulnerability OBB-3837489

Openbugbounty•added 2024/01/17 11:56 p.m.•14 views

zlatanotok.hr Improper Access Control vulnerability OBB-3837463