Path traversal in webpack-dev-middleware
Summary The webpack-dev-middleware middleware does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. Details The middleware can either work with the physical filesystem when reading the files or it can.....
7.4CVSS
6.3AI Score
0.0004EPSS
Path traversal in webpack-dev-middleware
Summary The webpack-dev-middleware middleware does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. Details The middleware can either work with the physical filesystem when reading the files or it can.....
7.4CVSS
6.4AI Score
0.0004EPSS
Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the...
7.4CVSS
7.3AI Score
0.0004EPSS
Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the...
7.4CVSS
7.2AI Score
0.0004EPSS
Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the...
7.4CVSS
7AI Score
0.0004EPSS
CVE-2024-29180 webpack-dev-middleware Path Traversal vulnerability
Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the...
7.4CVSS
7.3AI Score
0.0004EPSS
A vulnerability classified as problematic has been found in MHA Sistemas arMHAzena 9.6.0.0. This affects an unknown part of the component Cadastro Page. The manipulation of the argument Query leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
3.5CVSS
3.6AI Score
0.0004EPSS
A vulnerability classified as critical was found in MHA Sistemas arMHAzena 9.6.0.0. This vulnerability affects unknown code of the component Executa Page. The manipulation of the argument Companhia/Planta/Agente de/Agente até leads to sql injection. The attack can be initiated remotely. The...
6.3CVSS
6.9AI Score
0.0004EPSS
A vulnerability classified as critical was found in MHA Sistemas arMHAzena 9.6.0.0. This vulnerability affects unknown code of the component Executa Page. The manipulation of the argument Companhia/Planta/Agente de/Agente até leads to sql injection. The attack can be initiated remotely. The...
6.3CVSS
7.4AI Score
0.0004EPSS
A vulnerability classified as problematic has been found in MHA Sistemas arMHAzena 9.6.0.0. This affects an unknown part of the component Cadastro Page. The manipulation of the argument Query leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
3.5CVSS
6AI Score
0.0004EPSS
CVE-2024-2480 MHA Sistemas arMHAzena Executa Page sql injection
A vulnerability classified as critical was found in MHA Sistemas arMHAzena 9.6.0.0. This vulnerability affects unknown code of the component Executa Page. The manipulation of the argument Companhia/Planta/Agente de/Agente até leads to sql injection. The attack can be initiated remotely. The...
6.3CVSS
7.1AI Score
0.0004EPSS
CVE-2024-2479 MHA Sistemas arMHAzena Cadastro Page cross site scripting
A vulnerability classified as problematic has been found in MHA Sistemas arMHAzena 9.6.0.0. This affects an unknown part of the component Cadastro Page. The manipulation of the argument Query leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
3.5CVSS
4AI Score
0.0004EPSS
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping on the 'titleTag' user supplied attributes. This makes it...
6.4CVSS
6AI Score
0.0004EPSS
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping on the 'titleTag' user supplied attributes. This makes it...
6.4CVSS
5.7AI Score
0.0004EPSS
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping on the 'titleTag' user supplied attributes. This makes it...
6.4CVSS
5.8AI Score
0.0004EPSS
Summary A Minder user can use the endpoints listed in the issue title to access any repository in the DB, irrespective of who owns the repo and any permissions that user may have. Details...
7.1CVSS
6.3AI Score
0.0004EPSS
Summary A Minder user can use the endpoints listed in the issue title to access any repository in the DB, irrespective of who owns the repo and any permissions that user may have. Details...
7.1CVSS
6.6AI Score
0.0004EPSS
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the onclick parameter in all versions up to, and including, 1.58.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor...
6.4CVSS
6AI Score
0.0004EPSS
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the onclick parameter in all versions up to, and including, 1.58.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor...
6.4CVSS
5.6AI Score
0.0004EPSS
berlin-en-ligne.com Cross Site Scripting vulnerability OBB-3859645
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Russian Government Software Backdoored to Deploy Konni RAT Malware
An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked the activity as originating...
9.4AI Score
OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation Vulnerabilities
OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting...
6.3AI Score
0.0004EPSS
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the onclick parameter in all versions up to, and including, 1.58.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor...
6.4CVSS
5.7AI Score
0.0004EPSS
Post-quantum Cryptography for the Go Ecosystem
filippo.io/mlkem768 is a pure-Go implementation of ML-KEM-768 optimized for correctness and readability. ML-KEM (formerly known as Kyber, renamed because we can't have nice things) is a post-quantum key exchange mechanism in the process of being standardized by NIST and adopted by most of the...
6.8AI Score
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with...
5.4CVSS
5AI Score
0.001EPSS
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with...
5.4CVSS
5AI Score
0.001EPSS
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via currency options in all versions up to, and including, 1.4.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
5.4CVSS
5.2AI Score
0.001EPSS
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via currency options in all versions up to, and including, 1.4.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
5.4CVSS
5.1AI Score
0.001EPSS
ehe-berlin-brandenburg.de Cross Site Scripting vulnerability OBB-3831741
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via currency options in all versions up to, and including, 1.4.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
5.4CVSS
5.3AI Score
0.001EPSS
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with...
5.4CVSS
5.3AI Score
0.001EPSS
Description of the security update for SharePoint Server Subscription Edition: January 9, 2024 (KB5002540) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and...
8.8CVSS
9AI Score
0.002EPSS
Leap year not accounted for OLAS and veOLAS contract
Lines of code https://github.com/code-423n4/2023-12-autonolas/blob/2a095eb1f8359be349d23af67089795fb0be4ed1/governance/contracts/veOLAS.sol#L101 Vulnerability details Impact OLAS and veOLAS contract does not account for years with 366 days in its state variables uint256 public constant oneYear =.....
7AI Score
Researchers Crack Tesla Autopilot with ‘Elon Mode,’ Access Critical Data
By Deeba Ahmed German cybersecurity researchers from Technische Universität Berlin employed a €600 (£520 - $660) tool to gain root access to the ARM64-based circuit board of Tesla's autopilot. This is a post from HackRead.com Read the original post: Researchers Crack Tesla Autopilot with 'Elon...
7.5AI Score
ewen-lbh/ffcss Late-Unicode normalization vulnerability
Summary The function lookupPreprocess() is meant to apply some transformations to a string by disabling characters in the regex [-_ .]. However, due to the use of late Unicode normalization of type NFKD, it is possible to bypass that validation and re-introduce all the characters in the regex [-_.....
5.3CVSS
6.7AI Score
0.0005EPSS
ewen-lbh/ffcss Late-Unicode normalization vulnerability
Summary The function lookupPreprocess() is meant to apply some transformations to a string by disabling characters in the regex [-_ .]. However, due to the use of late Unicode normalization of type NFKD, it is possible to bypass that validation and re-introduce all the characters in the regex [-_.....
5.3CVSS
7.2AI Score
0.0005EPSS
Proxy's logic contract relies on code in the constructor
Lines of code 122, 50, 25, 67, 98, 67, 22 Vulnerability details Logic contracts cannot rely on code in their constructors, because proxy contracts do not re-execute the logic contract's constructor - only its initializer. Move all code in the constructor to the initializer function. File:...
7.2AI Score
High risk in integrating Ocean with Curve TriCrypto pool on Arbitrum
Lines of code Vulnerability details Impact The Curve TriCrypto adapter contract enables swapping, adding liquidity, and removing liquidity for the USDT-WBTC-ETH pool on Arbitrum. However, this pool has been flagged for potential exploit risks. Curve Finance issued a warning: This pool might be...
7.1AI Score
berlin-partner.de Cross Site Scripting vulnerability OBB-3803356
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Proxy's logic contract relies on code in the constructor
Lines of code 122, 50, 25, 67, 98, 67, 22 Vulnerability details Impact Logic contracts cannot rely on code in their constructors, because proxy contracts do not re-execute the logic contract's constructor - only its initializer. Move all code in the constructor to the initializer function. File:...
7.2AI Score
berlin-underground.com Improper Access Control vulnerability OBB-3794065
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
Price can be easily inflated/deflated by large depositors in the Market contract
Lines of code https://github.com/code-423n4/2023-11-canto/blob/335930cd53cf9a137504a57f1215be52c6d67cb3/1155tech-contracts/src/bonding_curve/LinearBondingCurve.sol#L21-L22 Vulnerability details Impact An attacker can manipulate/inflate market prices by donating/buying large amounts of tokens which....
7.1AI Score
Description of the security update for SharePoint Server Subscription Edition: November 14, 2023 (KB5002527) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and...
6.8CVSS
7.4AI Score
0.001EPSS
testing submission form - IGNORE
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps Assessed...
7.2AI Score
Arid Viper disguising mobile spyware as updates for non-malicious Android applications
Since April 2022, Cisco Talos has been tracking a malicious campaign operated by the espionage-motivated Arid Viper advanced persistent threat (APT) group targeting Arabic-speaking Android users. In this campaign, the actors leverage custom mobile malware, also known as Android Package files...
7AI Score
berlin-muenzberg.de Improper Access Control vulnerability OBB-3769336
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.9AI Score