Lucene search

2331 matches found

Positive Technologies
added 2023/07/10 12:0 a.m. · 6 views

PT-2023-25417 · Unknown · Phpgurukul Online Shopping Portal

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal version 1.0 Description: A critical issue has been found in the Registration Page component of the affected software, leading to improper restriction of excessive authentication attempts. This can be exploite...

CVSS 9.1 · AI score 7.2 · EPSS 0.00574
Exploits 0 · References 5

The Hacker News
added 2023/07/08 6:14 a.m. · 4 views

Improve Your Security WordPress Spam Protection With CleanTalk Anti-Spam

Every website owner or webmaster grapples with the issue of spam on their website forms. The volume of spam can be so overwhelming that finding useful information within it becomes quite challenging. What exacerbates this issue is that spam can populate your public pages, appearing in comments an...

AI score 6.6
Exploits 0

SUSE CVE
added 2023/07/07 2:18 a.m. · 3 views

SUSE CVE-2023-37210

A website could prevent a user from exiting full-screen mode via alert and prompt calls. This could lead to user confusion and possible spoofing attacks. This vulnerability affects Firefox 115...

CVSS 6.5 · AI score 6.1 · EPSS 0.00237
Exploits 0 · References 7

GitHub Security Blog
added 2023/07/06 10:55 p.m. · 35 views

Sentry CORS misconfiguration

Impact The Sentry API incorrectly returns the access-control-allow-credentials: true HTTP header if the Origin request header ends with the system.base-hostname option of Sentry installation. This only affects installations that have system.base-hostname option explicitly set, as it is empty by...

CVSS 6.8 · AI score 6.6 · EPSS 0.00543
Exploits 0 · References 8 · Affected Software 1

Opera Security Advisories
added 2023/07/06 12:0 a.m. · 12 views

Debunking misinformation about Opera’s browsers

July 6th, 2023. At Opera, we take the privacy and security of our users very seriously. As a European company, we have to be compliant with the GDPR – one of the strongest, if not the strongest, data protection frameworks in t...

CVSS 8.8 · AI score 6.9 · EPSS 0.05036
Exploits 4 · References 1

OSV
added 2023/07/05 10:15 a.m. · 2 views

CVE-2023-37210

A website could prevent a user from exiting full-screen mode via alert and prompt calls. This could lead to user confusion and possible spoofing attacks. This vulnerability affects Firefox 115...

CVSS 6.5 · AI score 7.4 · EPSS 0.00237
Exploits 0 · References 3

Vulnrichment
added 2023/07/05 9:1 a.m. · 13 views

CVE-2023-3482

When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox 115...

AI score 6.4 · EPSS 0.0048
Exploits 0 · References 3

Mozilla
added 2023/07/04 12:0 a.m. · 166 views

Security Vulnerabilities fixed in Firefox 115 — Mozilla

When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. An attacker could have triggered a use-after-free...

CVSS 8.8 · AI score 7.8 · EPSS 0.00696
Exploits 1 · References 13 · Affected Software 1

Malwarebytes
added 2023/07/03 2:0 a.m. · 15 views

A week in security (June 26 - July 2)

Last week on Malwarebytes Labs: A proxyjacking campaign is looking for vulnerable SSH servers; New technique can defeat voice authentication "after only six tries"; "Free" Evil Dead Rise movie scam lurks in Amazon listings; Spyware app LetMeSpy hacked, tracked user data posted online; Online safety...

AI score 7.2
Exploits 0

CNNVD
added 2023/06/30 12:0 a.m. · 5 views

MediaWiki Security Vulnerability

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. CheckUser extension is one of the user information checking extensions. A security vulnerability...

CVSS 9.8 · AI score 8.1 · EPSS 0.00953
Exploits 1 · References 3

Malwarebytes
added 2023/06/28 3:0 a.m. · 14 views

Why blocking ads is good for your digital health

Online content is largely powered and paid for by advertising. Almost every site you visit, every forum you browse, and even the online stores you buy things from is an advert extravaganza, and they don't just stop at showing cool offers for shirts at 50% off. The scaffolding the adverts sit on go...

AI score 7.2
Exploits 0

OSV
added 2023/06/27 11:5 a.m. · 9 views

OESA-2023-1368 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is...

CVSS 5.5 · AI score 7.1 · EPSS 0.00413
Exploits 0 · References 3

Positive Technologies
added 2023/06/27 12:0 a.m. · 2 views

PT-2023-7868

Name of the Vulnerable Software and Affected Versions: Microsoft Edge (affected versions not specified). Description: The issue is related to a security feature bypass in Microsoft Edge, allowing a remote attacker to bypass security restrictions by loading a malicious web page or file. This is due to...

CVSS 4.3 · AI score 4.5 · EPSS 0.00863
Exploits 0 · References 13

Code423n4
added 2023/06/23 12:0 a.m. · 14 views

Missing slippage protection leads to potential sandwich of small transfers or blocking the swap feature

Lines of code Vulnerability details Impact The swap module is invoked with a default of coinswaptypes.InputCoin: transferredCoin, Address: recipient.String, coinswaptypes.OutputCoin: swapCoins, Address: recipient.String. The swap module makes sure that in tokens of the swap are limited to...

AI score 7
Exploits 0

Tenable Nessus
added 2023/06/20 12:0 a.m. · 55 views

SUSE SLES12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2023:2537-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2537-1 advisory. The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were...

CVSS 7.8 · AI score 6.8 · EPSS 0.16642
Exploits 0 · References 43

Mageia
added 2023/06/19 4:29 p.m. · 128 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.117 and fixes at least the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs (CVE-2022-48425). An out-of-bounds memory access flaw was found in...

CVSS 7.8 · AI score 8.1 · EPSS 0.12966
Exploits 9 · References 8

OSV
added 2023/06/17 11:5 a.m. · 2 views

OESA-2023-1353 kernel security update

The Linux Kernel image for RaspberryPi. Security Fixes: An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is...

CVSS 5.5 · AI score 7.1 · EPSS 0.00413
Exploits 0 · References 4

UbuntuCve
added 2023/06/14 8:15 a.m. · 25 views

CVE-2023-30631

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.push_method_enabled didn't function. However, by default the PUSH method is blocked in the ip_allow configuration file. This issue affects Apache Traffic Server:...

CVSS 7.5 · AI score 7.1 · EPSS 0.02005
Exploits 0 · References 2

Tenable Nessus
added 2023/06/14 12:0 a.m. · 38 views

SUSE SLES12: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2023:2501-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2501-1 advisory. The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

CVSS 7.8 · AI score 6.8 · EPSS 0.16642
Exploits 0 · References 69

Tenable Nessus
added 2023/06/13 12:0 a.m. · 33 views

Fedora 38 : kernel (2023-75b22000cd)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-75b22000cd advisory. The 6.3.7 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

CVSS 5.5 · AI score 7 · EPSS 0.00413
Exploits 0 · References 2