Lucene search
K

113 matches found

OSV
OSV
added 2023/05/02 6:15 p.m.3 views

DEBIAN-CVE-2023-30861

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session...

7.5CVSS7.5AI score0.01261EPSS
Exploits1References1
OSV
OSV
added 2023/05/02 6:15 p.m.1 views

UBUNTU-CVE-2023-30861

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session...

7.5CVSS7AI score0.01261EPSS
Exploits1References10
Openbugbounty
Openbugbounty
added 2022/09/15 11:8 a.m.15 views

walkerbooks.com.au Cross Site Scripting vulnerability OBB-2922918

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2022/04/24 9:27 p.m.13 views

GSD-2022-1001603 mm/kmemleak: reset tag when compare object pointer

mm/kmemleak: reset tag when compare object pointer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/04/21 1:15 p.m.13 views

rubygem-actionpack: possible strong parameters bypass

A flaw was found in rubygem-actionpack. Untrusted hashes of data is possible for values of each, eachvalue, and eachpair which can lead to cases of user supplied information being leaked from Strong Parameters. Applications that use these hashes may inadvertently use untrusted user input. The...

7.5CVSS6.8AI score0.04198EPSS
Exploits1References5
Openbugbounty
Openbugbounty
added 2018/04/18 1:51 a.m.17 views

zuerioberland-tourismus.ch XSS vulnerability

Open Bug Bounty ID: OBB-603483 Description| Value ---|--- Affected Website:| zuerioberland-tourismus.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Kitploit
Kitploit
added 2018/03/24 8:39 p.m.24 views

LeakVM - Research & Pentesting Framework For Android, Run Security Tests Instantly

LeakVM: Run security tests instantly. Why LeakVM : LeakVM fast security test on Android, by skipping the time-consuming build pen-testing laboratories, you can test on real devices or virtual devices. LeakVM makes researchers and pen-testers more productive since they can run the test on real tim...

7.8AI score
Exploits0References16
Openbugbounty
Openbugbounty
added 2018/01/20 9:13 p.m.9 views

tr.wikiloc.com XSS vulnerability

Open Bug Bounty ID: OBB-533694 Description| Value ---|--- Affected Website:| tr.wikiloc.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Hacker One
Hacker One
added 2017/11/24 3:5 p.m.391 views

Ruby on Rails: ActionController::Parameters .each returns an unsafe hash

Rails 5.1.4 The goal of ActionController::Parameters's permit method strong parameters is to prevent accidental trust in the parameters sent by the client. We can therefore not simply create a hash of all the parameters in the params without permitting them first. When we really want to do this...

5CVSS0.4AI score0.04198EPSS
Exploits1
Veracode
Veracode
added 2017/04/12 2:29 a.m.6 views

Cross-site Scripting (XSS)

riotjs is vulnerable to cross-site scripting XSS attacks. This is because of how each is evaluated. It copies the expressions evaluated to the child tags and if this information is controlled by a user, it can execute JavaScript...

5.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/11/02 10:52 a.m.12 views

dance.nyc XSS vulnerability

Vulnerable URL: https://www.dance.nyc/search/?dir=%3C/script%3E%3Cscript%3Ealert'OPENBUGBOUNTY';%3C/script%3E%3Cscript%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 759468 VIP...

6.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2016/05/13 7:36 a.m.10 views

chromium-browser: same origin bypass in blink v8 bindings

The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

8.8CVSS7.4AI score0.01285EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.33 views

Fedora Update for quagga FEDORA-2007-2196

Check for the Version of quagga OpenVAS Vulnerability Test Fedora Update for quagga FEDORA-2007-2196 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

6.3CVSS7.6AI score0.0174EPSS
Exploits0References2
Rows per page
Query Builder