An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasm_loader_prepare_bytecode function in...
7.5CVSS
7.1AI Score
0.001EPSS
The Easy Forms for Mailchimp WordPress plugin through 6.8.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is...
4.8CVSS
6AI Score
0.0004EPSS
A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/add_field_to_form.php. The manipulation of the argument field_name/merge_tag/field_type/list_id leads to cross site...
6.1CVSS
6AI Score
0.001EPSS
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...
6.1CVSS
6.2AI Score
0.001EPSS
The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite.....
4.8CVSS
5.8AI Score
0.0005EPSS
The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does not sanitise and escape some parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...
6.1CVSS
6.2AI Score
0.001EPSS
The Easy Forms for Mailchimp WordPress plugin before 6.8.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...
5.4CVSS
6AI Score
0.001EPSS
Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because push_pop_frame_ref_offset is...
5.5CVSS
7AI Score
0.0004EPSS
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin <= 6.8.8...
6.1CVSS
6.1AI Score
0.0005EPSS
Payara Micro Community 5.2021.6 Directory Traversal
Payara Micro Community 5.2021.6 and below contains a directory traversal...
7.5CVSS
7.5AI Score
0.155EPSS
Micro Focus UCMDB - Remote Code Execution
Micro Focus UCMDB is susceptible to remote code execution. Impacted products include Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions, and Operations Bridge (containerized) 2020.05, 2019.08,...
9.8CVSS
9.8AI Score
0.233EPSS
Micro Focus Operations Bridge Reporter - Remote Code Execution
Micro Focus Operations Bridge Reporter 10.40 is susceptible to remote code execution. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or execute unauthorized operations without entering necessary...
9.8CVSS
9.9AI Score
0.964EPSS
Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass
Trend Micro Threat Discovery Appliance 2.6.1062r1 is vulnerable to a directory traversal vulnerability when processing a session_id cookie, which allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a...
9.8CVSS
9.6AI Score
0.967EPSS
Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution
Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a...
8.8CVSS
9AI Score
0.837EPSS
CVE-2023-38831 PoC (Proof Of Concept) This is an easy to use...
7.8CVSS
8.3AI Score
0.381EPSS
Super Micro Detection (Windows)
According to the WMI information, the remote Windows host appears to be running on hardware manufactured by Super Micro. Since it is physically accessible through the network, ensure that its configuration matches your organization's security...
2.8AI Score
TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. This issue has been...
9.1CVSS
6.7AI Score
0.001EPSS
inc-conso.fr Cross Site Scripting vulnerability OBB-3872425
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an...
5.9CVSS
5.7AI Score
0.008EPSS
Super Micro detection (dmidecode)
According to the DMI information, the remote host contains hardware manufactured by Super Micro. Since it is physically accessible through the network, ensure that its configuration matches your organization's security...
1.1AI Score
CVE-2024-0552 Intumit inc. SmartRobot - Remote Code Execution
Intumit inc. SmartRobot's web framwork has a remote code execution vulnerability. An unauthorized remote attacker can exploit this vulnerability to execute arbitrary commands on the remote...
9.8CVSS
10AI Score
0.002EPSS
Trend Micro Control Manager Detection
Trend Micro Control Manager, a centralized threat and data protection management application, is installed on the remote Windows...
1.5AI Score
Trend Micro OfficeScan Client Version
The remote host is running TrendMicro OfficeScan client, an embedded HTTP server used by TrendMicro antivirus...
1AI Score
Micro Focus Network Automation Detection
Micro Focus Network Automation (formerly HP Network Automation), a web-based application for automating IT processes, is running on the remote...
1.2AI Score
xen is vulnerable to Information Disclosure. Under specific micro architectural circumstances, an attacker is able to potentially access sensitive user...
5.5CVSS
6.7AI Score
0.001EPSS
Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows remote attackers to gain sensitive...
7.5CVSS
7.4AI Score
0.001EPSS
Micro Focus NetIQ Access Manager Installed (Windows)
Micro Focus NetIQ Access Manager is installed on the remote Windows...
7.1AI Score
micro-mobility.fr Cross Site Scripting vulnerability OBB-3865043
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
micro-tronik.com Cross Site Scripting vulnerability OBB-3901748
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Trend Micro Control Manager CmdProcessor.exe Detection
CmdProcessor.exe is one of the processes spawned by the Trend Micro Control Manager. It's responsible for sending XML instructions, formed by other processes, to managed products and processing product registration. It also sends alerts, performs scheduled tasks, and applies Outbreak Prevention...
1.1AI Score
Trend Micro ServerProtect Information Server Detection
The Trend Micro ServerProtect Information Server is running on the remote...
0.9AI Score
Trend Micro OfficeScan Web Interface Detection
Trend Micro OfficeScan, an enterprise security platform, is running on the remote host. It is possible to extract version information if login credentials are...
2AI Score
Trend Micro Control Manager Detection (uncredentialed)
Trend Micro Control Manager, a centralized threat and data protection management application, is running on the remote...
1.3AI Score
Trend Micro Message Routing Framework Detection
Trend Micro Message Routing Framework (MRF) is running on the remote host. MRF is a component of the Trend Micro Infrastructure (TMI), which itself is a component of the Trend Micro Control Manager Architecture. MRF interacts with Control Manager 2.x agents to communicate with managed products. It....
1AI Score
Trend Micro Smart Protection Server Detection
The remote host is running Trend Micro Smart Protection Server, an in-the-cloud based, advanced protection solution that leverages file reputation and web reputation technology to detect security...
0.6AI Score
Code Insert Manager (Q2W3 Inc Manager) <= 2.5.3 - Reflected Cross-Site Scripting
Description The Code Insert Manager (Q2W3 Inc Manager) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.5.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
5.8CVSS
6.7AI Score
0.0004EPSS
@workos-inc/authkit-nextjs vulnerable to Session Fixation. This vulnerability is due to the improper handling of expired sessions within session.ts. This allowing an attacker to reuse an expired session by controlling the x-workos-session...
4.8CVSS
6.8AI Score
0.0004EPSS
Micro Focus NetIQ Access Manager Installed (Linux)
Micro Focus NetIQ Access Manager is installed on the remote Linux...
7.1AI Score
Trend Micro Deep Security Agent Installed (Linux)
Trend Micro Deep Security Agent which provides application control, anti-malware, web reputation service, firewall, intrusion prevention, integrity monitoring, and log inspection protection is installed on the remote Linux...
1.3AI Score
Trend Micro Apex One Server Installed (Windows)
Trend Micro Apex One, a server for managing endpoint protection agents, is installed on the remote Windows...
2.2AI Score
Trend Micro Worry-Free Business Security Detection
The web console for Trend Micro Worry-Free Business Security (WFBS), a commercial antivirus server application for Windows, is running on the remote...
1.5AI Score
Trend Micro SafeSync for Enterprise (SSFE) Detection
Trend Micro SafeSync for Enterprise, an enterprise data management application, is running on the remote...
1.1AI Score
Trend Micro ScanMail for Exchange Installation Detection
Trend Micro ScanMail for Exchange (SMEX), an email security and filtering application built on top of Microsoft Exchange, is installed on the remote Windows...
1AI Score
Trend Micro Deep Security Manager Installed (Windows)
Trend Micro Deep Security Manager, a web-based management console that administrators use to configure security policy and deploy protection, is installed on the remote Windows...
1.9AI Score
Trend Micro Deep Security Agent Installed (Windows)
Trend Micro Deep Security Agent which provides application control, anti-malware, web reputation service, firewall, intrusion prevention, integrity monitoring, and log inspection protection is installed on the remote Windows...
1.8AI Score
Explore AI-Driven Cybersecurity with Trend Micro, Using NVIDIA NIM
Discover Trend Micro's integration of NVIDIA NIM to deliver an AI-driven cybersecurity solution for next-generation data centers. Engage with experts, explore demos, and learn strategies for securing AI data centers and optimizing cloud...
7.3AI Score
DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or...
7.5CVSS
7.5AI Score
0.024EPSS
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. See the following Jenkins security advisory for details: * ...
6.5CVSS
7AI Score
0.001EPSS
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for details: * ...
6.5CVSS
6.7AI Score
0.001EPSS
[SECURITY] Fedora 39 Update: dotnet8.0-8.0.105-1.fc39
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
7.1AI Score