376 matches found

BDU FSTEC
added 2024/01/06 12:0 a.m., 4 views

The vulnerability of the PAN-OS operating system’s web interface allows attackers to obtain credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP.

The vulnerability of the PAN-OS operating system’s web interface is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to obtain login credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+,...

CVSS 6.1, AI score 6.5, EPSS 0.00624
Exploits: 0, References: 2, Affected Software: 1

ATTACKERKB
added 2023/12/13 7:15 p.m., 0 views

CVE-2023-6791

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface...

CVSS 4.9, AI score 5.8, EPSS 0.00624
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2023/12/13 7:15 p.m., 5 views

CVE-2023-6791

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface...

CVSS 4.9, AI score 5.8, EPSS 0.00624
Exploits: 0, References: 1

Prion
added 2023/12/13 7:15 p.m., 16 views

Cross site scripting

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface...

CVSS 3.3, AI score 6.5, EPSS 0.00624
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2023/12/13 6:30 p.m., 38 views

CVE-2023-6791 PAN-OS: Plaintext Disclosure of External System Integration Credentials

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface...

CVSS 4.9, AI score 5.2, EPSS 0.00624
Exploits: 0, References: 1

Palo Alto Networks
added 2023/12/13 5:0 p.m., 31 views

PAN-OS: Plaintext Disclosure of External System Integration Credentials

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface. Work around: This issue...

CVSS 7.7, AI score 6.2, EPSS 0.00624
Exploits: 0, References: 1

Prion
added 2023/12/13 7:15 a.m., 19 views

Authorization

An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error or in the event where debug level logging is enabled in Kibana. Elastic has released Kibana 8.11.2 which resolves this issue. The messages recorded in the log may contain Accou...

CVSS 4, AI score 6.6, EPSS 0.00608
Exploits: 0, References: 1, Affected Software: 1

OSV
added 2023/12/07 12:15 p.m., 4 views

CVE-2023-47779

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in CRM Perks. Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms. This issue affects Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.1.4...

CVSS 6.1, AI score 7.3, EPSS 0.00382
Exploits: 0, References: 1

Hacker One
added 2023/12/07 4:44 a.m., 5 views

PortSwigger Web Security: The role "CI-driven scan initiator" provides excessive read access

The reporter noticed that all authenticated users were able to access certain non-sensitive information such as metadata about third-party integrations. This was found to be by design, and the documentation was updated to clarify the information available to all authenticated users...

AI score 6.5
Exploits: 0

Microsoft Secure
added 2023/12/06 5:0 p.m., 13 views

Microsoft Security Copilot drives new product integrations at Microsoft Ignite to empower security and IT teams

First announced in March 2023, Microsoft Security Copilot—Microsoft's first generative AI security product—has sparked major interest. The widespread enthusiasm was on full display after announcing our Early Access Program in October 2023 and sharing our incredible Security Copilot innovations at...

AI score 7.6
Exploits: 0

Microsoft Malware Protection
added 2023/12/06 5:0 p.m., 17 views

Microsoft Security Copilot drives new product integrations at Microsoft Ignite to empower security and IT teams

First announced in March 2023, Microsoft Security Copilot—Microsoft's first generative AI security product—has sparked major interest. The widespread enthusiasm was on full display after announcing our Early Access Program in October 2023 and sharing our incredible Security Copilot innovations at...

AI score 7.6
Exploits: 0

Github Security Blog
added 2023/11/27 12:30 p.m., 25 views

Mattermost Improper Access Control vulnerability

Mattermost fails to check if hardened mode is enabled when overriding the username and/or the icon when posting a post. If settings allowed integrations to override the username and profile picture when posting, a member could also override the username and icon when making a post even if the...

CVSS 4.3, AI score 7, EPSS 0.00417
Exploits: 0, References: 3, Affected Software: 2

NVD
added 2023/11/27 9:15 a.m., 15 views

CVE-2023-47865

Mattermost fails to check if hardened mode is enabled when overriding the username and/or the icon when posting a post. If settings allowed integrations to override the username and profile picture when posting, a member could also override the username and icon when making a post even if the...

CVSS 4.3, EPSS 0.00417
Exploits: 0, References: 1

The Hacker News
added 2023/10/31 11:21 a.m., 39 views

PentestPad: Platform for Pentest Teams

In the ever-evolving cybersecurity landscape, the game-changers are those who adapt and innovate swiftly. Pen test solutions not only supercharge productivity but also provide a crucial layer of objectivity, ensuring efficiency and exceptional accuracy. The synergy between a skilled penetration...

AI score 6.9
Exploits: 0

Trend Micro Simply Security
added 2023/10/26 12:0 a.m., 19 views

Strategic Tips to Optimize Cybersecurity Consolidation

Say goodbye to security silos. Organizations are eager to take advantage of cybersecurity consolidation and make their security environments more manageable. Evolving incrementally and adopting a platform that supports third-party integrations are key to reducing cybersecurity complexity...

AI score 6.9
Exploits: 0

CNNVD
added 2023/10/25 12:0 a.m., 4 views

Fides Code Issues Vulnerabilities

Fides is an open source privacy engineering platform for managing the implementation of data privacy requests in a runtime environment and the enforcement of privacy regulations in code. A security vulnerability exists in versions of Fides prior to 2.22.1 that stems from allowing custom...

CVSS 8.2, AI score 6.7, EPSS 0.00675
Exploits: 0, References: 4

MSRC
added 2023/10/12 7:0 a.m., 17 views

Introducing the Microsoft AI Bug Bounty Program featuring the AI-powered Bing experience

Today at BlueHat we announced the new Microsoft AI bug bounty program with awards up to $15,000. This new bounty program features the AI-powered Bing experience as the first in scope product. The following products and integrations are eligible for bounty awards: AI-powered Bing experiences on...

AI score 6.9
Exploits: 0

Qualys Blog
added 2023/09/28 5:10 p.m., 21 views

Qualys Named a Market Leader in GigaOm Radar Report for Application Security Testing

Qualys Web Application Scanning WAS has been named a leader in the GigaOm Radar Report for Application Security Testing, 2023. Web app security is critical for every organization, for attacks on this vector caused 25% of breaches, according to the Verizon 2023 Data Breach Investigations Report. T...

AI score 6.9
Exploits: 0

OSSF Malicious Packages
added 2023/09/21 1:39 a.m., 3 views

Malicious code in @zettle-bo/integrations (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1f1d37dda5bbd9abe0b6406a408e4cc6d849f90c1602e3455ce8de0b9fc50fa1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0, References: 2

Akamai Blog
added 2023/09/14 1:0 p.m., 13 views

PCI DSS v4: Uncovering Web Skimming Threats with Payment Integrations

...

AI score 7.1
Exploits: 0