Lucene search
K

293 matches found

Prion
Prion
added 2023/05/22 10:15 a.m.12 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Thomas Belser Asgaros Forum plugin = 2.2.0 versions...

6.8CVSS8.7AI score0.00264EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/05/22 9:55 a.m.12 views

CVE-2022-41608 WordPress Asgaros Forum Plugin <= 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Thomas Belser Asgaros Forum plugin = 2.2.0 versions...

5.4CVSS7.2AI score0.00264EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/04/14 12:0 a.m.9 views

WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.25 is vulnerable to Cross Site Scripting (XSS)

Software ShiftController Employee Shift Scheduling Type Plugin Vulnerable versions = 4.9.25 Fixed in 4.9.26 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1978 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID dde7717ec078...

6.1CVSS5.6AI score0.00433EPSS
Exploits0References3Affected Software1
ICS
ICS
added 2023/04/10 4:8 p.m.67 views

Korenix Jetwave

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Korenix Equipment: Jetwave Vulnerabilities: Command Injection, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to gain full...

8.8CVSS9.1AI score0.0383EPSS
Exploits3References5
Intel
Intel
added 2023/02/14 12:0 a.m.44 views

QATzip for Intel® QAT Advisory

Summary: A potential security vulnerability in the QATzip software maintained by Intel® for Intel® QuickAssist Technology QAT may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-36369 Description:...

7.8CVSS7.6AI score0.00251EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2022/12/18 3:6 p.m.19 views

thedirectory-thomas-s.co.uk Cross Site Scripting vulnerability OBB-3107375

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Patchstack
Patchstack
added 2022/10/18 12:0 a.m.26 views

WordPress core <= 6.0.2 - Content From Multipart Emails Leak vulnerability

Content From Multipart Emails Leak vulnerability when HTML/plaintext used discovered by Thomas Kräftner in WordPress core versions = 6.0.2. Solution Update the WordPress WordPress wordpress to the latest available version at least 6.0.3...

2.1AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/10/11 12:0 a.m.18 views

LIEF Denial of Service Vulnerability

LIEF is a cross-platform library from the personal developer Romain Thomas. Used for parsing, modifying and abstracting Elf, Pe and MachO formats, a denial of service vulnerability exists in LIEF v0.12.1, which stems from a failure to properly handle incoming error messages in the initandparse...

6.5CVSS4AI score0.00586EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/09/13 12:0 a.m.5 views

LIEF 代码问题漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. LIEF suffers from a code issue vulnerability that stems from a segmentation violation found in the LIEF::MachO::SegmentCommand::fileoffset function in...

5.5CVSS5.8AI score0.00291EPSS
Exploits1References2
0day.today
0day.today
added 2022/07/21 12:0 a.m.407 views

OctoBot WebInterface 0.4.3 - Remote Code Execution Exploit

Exploit Title: OctoBot WebInterface 0.4.3 - Remote Code Execution RCE Exploit Author: Samy Younsi, Thomas Knudsen Vendor Homepage: https://www.octobot.online/ Software Link: https://github.com/Drakkar-Software/OctoBot Version: 0.4.0beta3 - 0.4.3 Tested on: Linux Ubuntu, CentOs CVE : CVE-2021-3671...

9.8CVSS0.12077EPSS
Exploits4
Openbugbounty
Openbugbounty
added 2022/07/04 6:42 a.m.13 views

thomas-luebow.de Cross Site Scripting vulnerability OBB-2718463

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
CNNVD
CNNVD
added 2022/05/06 12:0 a.m.3 views

bignum 安全漏洞

bignum is an arbitrary precision integral algorithm for Node.js using OpenSSL by Stefan Thomas, a personal developer. A security vulnerability exists in bignum that stems from vulnerability to denial of service DoS attacks...

7.5CVSS7.4AI score0.0141EPSS
Exploits1References4
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/05/04 4:0 p.m.24 views

How a senior product manager is leading the passwordless movement at Microsoft

May 5, 2022, is World Password Day, a day we all use to create awareness around password security. At Microsoft, we choose to celebrate replacing passwords with better and more secure ways to sign in. I can’t think of a better person at Microsoft to represent this journey than Libby Brown, a seni...

7.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/04/24 9:58 a.m.9 views

glennthomas.us Cross Site Scripting vulnerability OBB-2548122

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
OSV
OSV
added 2022/03/10 8:21 p.m.2 views

USN-5322-1 subversion vulnerability

Thomas Akesson discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.1AI score0.40075EPSS
Exploits1References2
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2022/03/01 12:0 a.m.453 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 99 to the stable channel for Windows, Mac and Linux.This will roll out over the coming days/weeks. Chrome 99.0.4844.51 for Windows,Mac and Linux contains a number of fixes and improvements -- a list of changes is available in the lo...

9.6CVSS8.4AI score0.01677EPSS
Exploits5Affected Software1
Kitploit
Kitploit
added 2021/03/31 8:30 p.m.802 views

Rubeus - C# Toolset For Raw Kerberos Interaction And Abuses

Rubeus is a C toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project CC BY-NC-SA 4.0 license and Vincent LE TOUX's MakeMeEnterpriseAdmin project GPL v3.0 license. Full credit goes to Benjamin and Vincent for working out the hard components of...

7.7AI score
Exploits0References14
Apache Tomcat
Apache Tomcat
added 2021/03/10 12:0 a.m.47 views

Fixed in Apache Tomcat 10.0.4

Note: The issue below was fixed in Apache Tomcat 10.0.3 but the release vote for the 10.0.3 release candidate did not pass. Therefore, although users must download 10.0.4 to obtain a version that includes a fix for these issues, version 10.0.3 is not included in the list of affected versions...

7.5CVSS7.4AI score0.06687EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2021/01/26 12:0 a.m.6 views

Cody Thomas Mythic Cross-Site Scripting Vulnerability

Cody Thomas Mythic is a Python-based platform used by Cody Thomas Individual Developer to provide solutions to Opsec issues. Cody Thomas Mythic 1.4 suffers from a cross-site scripting vulnerability that allows an attacker to steal remote administrative user sessions or add new users to the admin...

5.4CVSS5.9AI score0.00591EPSS
Exploits1References3
Openbugbounty
Openbugbounty
added 2020/10/29 6:54 a.m.8 views

thomas-guichard.fr Cross Site Scripting vulnerability OBB-1460724

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Rows per page
Query Builder