
29035 matches found

NVD
added 2023/12/21 9:15 p.m., 18 views

CVE-2023-46648

An insufficient entropy vulnerability was identified in GitHub Enterprise Server (GHES) that allowed an attacker to brute force a user invitation to the GHES Management Console. To exploit this vulnerability, an attacker would need knowledge that a user invitation was pending. This vulnerability...

8.3 CVSS, 0.00744 EPSS
Exploits: 0, References: 4
Prion
added 2023/12/21 9:15 p.m., 16 views

Authentication flaw

An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed a bypass of Private Mode by using a specially crafted API request. To exploit this vulnerability, an attacker would need network access to the Enterprise Server appliance configured in Private Mode...

5 CVSS, 7.2 AI score, 0.00815 EPSS
Exploits: 0, References: 3, Affected Software: 1
Prion
added 2023/12/21 9:15 p.m., 21 views

Design/Logic Flaw

An insufficient entropy vulnerability was identified in GitHub Enterprise Server (GHES) that allowed an attacker to brute force a user invitation to the GHES Management Console. To exploit this vulnerability, an attacker would need knowledge that a user invitation was pending. This vulnerability...

5.1 CVSS, 6.9 AI score, 0.00744 EPSS
Exploits: 0, References: 4, Affected Software: 1
Prion
added 2023/12/21 9:15 p.m., 17 views

Path traversal

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This...

3.3 CVSS, 6.9 AI score, 0.00791 EPSS
Exploits: 0, References: 5, Affected Software: 1
Malwarebytes
added 2023/12/21 9:2 p.m., 13 views

US pharmacy Rite Aid banned from operating facial recognition systems

Pharmacy chain Rite Aid has been denied the right to run facial recognition systems in its stores for five years, by a Federal Trade Commission (FTC) ruling. The regulator found so many flaws in the retailer's surveillance program that it concluded Rite Aid had failed to implement reasonable...

6.9 AI score
Exploits: 0
Vulnrichment
added 2023/12/21 8:45 p.m., 15 views

CVE-2023-46645 Path traversal in GitHub Enterprise Server leading to arbitrary file reading when building a GitHub Pages site

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This...

6.8 CVSS, 6.9 AI score, 0.00791 EPSS
Exploits: 0, References: 5
CVE
added 2023/12/21 8:45 p.m., 52 views

CVE-2023-46645

CVE-2023-46645 describes a path traversal vulnerability in GitHub Enterprise Server that enables arbitrary file reading when building a GitHub Pages site. The attacker must have permission to create and build a GitHub Pages site on the affected server. Affected versions include all releases since...

6.8 CVSS, 5.4 AI score, 0.00791 EPSS
Exploits: 0, References: 5, Affected Software: 1
Openbugbounty
added 2023/12/21 10:8 a.m., 8 views

gardenofedenfloral.com Cross Site Scripting vulnerability OBB-3819574

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0
Openbugbounty
added 2023/12/21 10:8 a.m., 11 views

flowersedmontonab.com Cross Site Scripting vulnerability OBB-3819573

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0
Openbugbounty
added 2023/12/21 8:53 a.m., 9 views

hegesztes.ktk.bme.hu Cross Site Scripting vulnerability OBB-3819391

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0
The Hacker News
added 2023/12/21 3:41 a.m., 163 views

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that...

9.6 CVSS, 9.6 AI score, 0.99739 EPSS
Exploits: 19
CNNVD
added 2023/12/21 12:0 a.m., 3 views

ClickHouse Number Error Vulnerability

ClickHouse is ClickHouse's fastest and most resource efficient open source database for real-time applications and analytics. ClickHouse suffers from a numeric error vulnerability that stems from the presence of a stack buffer overflow, resulting in an integer underflow and program crash...

7.5 CVSS, 7 AI score, 0.00634 EPSS
Exploits: 0, References: 4
Openbugbounty
added 2023/12/20 5:36 p.m., 6 views

lautern-frueher.de Improper Access Control vulnerability OBB-3819246

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits: 0
Openbugbounty
added 2023/12/20 5:18 p.m., 8 views

koch-tante.de Improper Access Control vulnerability OBB-3819212

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits: 0
Openbugbounty
added 2023/12/20 5:1 p.m., 8 views

kaleidoskop-suedpark.de Improper Access Control vulnerability OBB-3819173

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits: 0
Openbugbounty
added 2023/12/20 4:44 p.m., 5 views

inspiration69.de Improper Access Control vulnerability OBB-3819137

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits: 0
Openbugbounty
added 2023/12/20 12:18 p.m., 7 views

beershelf.com Improper Access Control vulnerability OBB-3819043

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits: 0
Openbugbounty
added 2023/12/20 8:44 a.m., 12 views

aqocdiitbzn.mee.nu Cross Site Scripting vulnerability OBB-3818977

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0
Google Chrome Security Advisories
added 2023/12/20 12:0 a.m., 162 views

Stable Channel Update for Desktop

The Stable channel has been updated to 120.0.6099.129 for Mac, Linux and 120.0.6099.129/130 to Windows which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. The Extended Stable channel has been updated to 120.0.6099.129 for Mac and...

8.8 CVSS, 9.3 AI score, 0.07356 EPSS
Exploits: 2, Affected Software: 1
Openbugbounty
added 2023/12/19 6:34 p.m., 11 views

hairapartment.de Improper Access Control vulnerability OBB-3818794

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits: 0