Lucene search
K

1036 matches found

Positive Technologies
Positive Technologies
added 2025/02/18 12:0 a.m.4 views

PT-2025-7483 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 133.0.6943.126 Description: The issue allows a remote attacker to potentially exploit heap corruption via a crafted web app, due to a use after free in the Network component. The severity of this issue is...

10CVSS8.3AI score0.00657EPSS
Exploits0References50
Cvelist
Cvelist
added 2024/12/09 11:39 a.m.22 views

CVE-2023-48277 WordPress Super Progressive Web Apps plugin <= 2.2.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps super-progressive-web-apps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Progressive Web Apps: from n/a through = 2.2.21...

4.3CVSS0.00584EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:39 a.m.15 views

CVE-2023-48277 WordPress Super Progressive Web Apps plugin <= 2.2.21 - Broken Access Control vulnerability

Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps super-progressive-web-apps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Progressive Web Apps: from n/a through = 2.2.21...

4.3CVSS8.6AI score0.00584EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.5 views

WordPress plugin Super Progressive Web Apps 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

4.3CVSS8.7AI score0.00584EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/21 12:0 a.m.28 views

Oracle Application Testing Suite (October 2024 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps...

8.1CVSS6.3AI score0.00898EPSS
Exploits0References5
NVD
NVD
added 2024/09/18 6:15 p.m.14 views

CVE-2024-45601

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...

7.5CVSS0.0028EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/18 5:49 p.m.24 views

CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...

7.5CVSS6.8AI score0.0028EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/18 5:49 p.m.17 views

CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...

7.5CVSS0.0028EPSS
Exploits0References2
OSV
OSV
added 2024/09/18 5:49 p.m.14 views

CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...

7.5CVSS6.7AI score0.0028EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/09/13 12:0 a.m.33 views

Security Updates for Microsoft Office Online Server (September 2024)

The Microsoft Office Web Apps installation on the remote host is missing a security update. It is, therefore, affected by the following: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2024-43465 Note that Nessus has not tested for this iss...

7.8CVSS5.6AI score0.008EPSS
Exploits0References2
NVD
NVD
added 2024/09/10 5:15 p.m.24 views

CVE-2024-38194

An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network...

9.9CVSS0.0128EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/10 4:54 p.m.26 views

CVE-2024-38194 Azure Web Apps Elevation of Privilege Vulnerability

...

8.4CVSS0.0128EPSS
Exploits0References1
CVE
CVE
added 2024/09/10 4:54 p.m.83 views

CVE-2024-38194

CVE-2024-38194 represents an Elevation of Privilege vulnerability in Azure Web Apps caused by improper authorization. The CVE is cited as enabling an authenticated attacker to elevate privileges over a network. Connected sources corroborate Azure Web Apps as the affected product and indicate Micr...

9.9CVSS9AI score0.0128EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/10 4:54 p.m.22 views

CVE-2024-38194 Azure Web Apps Elevation of Privilege Vulnerability

...

8.4CVSS8.4AI score0.0128EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2024/09/10 7:0 a.m.24 views

Azure Web Apps Elevation of Privilege Vulnerability

An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network...

9.9CVSS6.8AI score0.0128EPSS
Exploits0
Kaspersky
Kaspersky
added 2024/09/10 12:0 a.m.30 views

KLA73221 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Azure CycleCloud can be exploited remotely to execute...

9.9CVSS8.3AI score0.01595EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.4 views

PT-2024-27899 · Microsoft · Azure Web Apps

Name of the Vulnerable Software and Affected Versions: Azure Web Apps affected versions not specified Description: An authenticated attacker can exploit an improper authorization issue in Azure Web Apps to elevate privileges over a network. Recommendations: At the moment, there is no information...

9.9CVSS6.7AI score0.0128EPSS
Exploits0References6
HackRead
HackRead
added 2024/08/20 10:49 p.m.13 views

New Phishing Attacks Target Eastern European Bank Users on iOS and Android

Cybercriminals exploit Progressive Web Apps PWAs in the latest phishing scam, targeting mobile users in Czechia, Hungary, and…...

7.3AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2024/08/20 10:0 p.m.12 views

An AWS Configuration Issue Could Expose Thousands of Web Apps

Amazon has updated its instructions for how customers should more securely implement AWS's traffic-routing service known as Application Load Balancer, but it's not clear everyone will get the memo...

7.4AI score
Exploits0
NVD
NVD
added 2024/07/12 3:15 p.m.39 views

CVE-2024-39903

Solara is a pure Python, React-style framework for scaling Jupyter and web apps. A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI...

8.6CVSS0.02884EPSS
Exploits0References2
Rows per page
Query Builder