espace-mandela-lca.com Cross Site Scripting vulnerability OBB-1449506
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence....
-0.1 AI Score
The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line....
7.2 CVSS
7.2 AI Score
0.973 EPSS
The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line....
7.3 AI Score
0.973 EPSS
CISO Stressbusters: 7 tips for weathering the cybersecurity storms
An essential requirement of being a Chief Information Security Officer (CISO) is stakeholder management. In many organizations, security is still seen as a support function; meaning, any share of the budget you receive may be viewed jealously by other departments. Bringing change to an...
-0.6 AI Score
Description of the security update for SharePoint Foundation 2013: October 13, 2020
Description of the security update for SharePoint Foundation 2013: October 13, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7.5 AI Score
0.909 EPSS
espace-client.fletesia.fr Cross Site Scripting vulnerability OBB-1334639
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence....
-0.1 AI Score
Disinformation Spurs a Thriving Industry as U.S. Election Looms
In the years since the 2016 U.S. Presidential Election, threat actors have pieced together a new playbook for sowing confusion and doubt within the American electorate. On Wednesday, researchers with Cisco Talos released a report [PDF] that details how a number of these new sophisticated campaigns....
-0.3 AI Score
Description of the security update for SharePoint Foundation 2013: August 11, 2020
Description of the security update for SharePoint Foundation 2013: August 11, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
6.5 AI Score
0.014 EPSS
Cisco SD-WAN Solution Software Buffer Overflow Vulnerability (cisco-sa-sdbufof-h5f5VSeL)
According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by a buffer overflow vulnerability. This could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could...
9.8 CVSS
10 AI Score
0.009 EPSS
Chris Vickery: AI Will Drive Tomorrow’s Data Breaches
From malicious hacks to accidental misconfigurations, Chris Vickery has seen it all. But as cybercriminals continue to innovate, Vickery, the director of risk research with UpGuard, said one emerging security threat will “blindside” the world: “fakeable” voices. More bad actors using artificial...
-0.5 AI Score
espace-emplois.fr Cross Site Scripting vulnerability OBB-1225367
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence....
-0.1 AI Score
The SIP module of some Huawei products has a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the....
7.5 CVSS
7.7 AI Score
0.002 EPSS
Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remote unauthenticated attackers to change the installation status of deployed...
7.5 CVSS
7.6 AI Score
0.004 EPSS
Description of the security update for SharePoint Foundation 2013: June 9, 2020
Description of the security update for SharePoint Foundation 2013: June 9, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
6.6 AI Score
0.297 EPSS
There is a denial of service (DoS) vulnerability in some Huawei products when handling TLS and DTLS handshake with certificate. This VT has been deprecated and is therefore no longer...
5.3 CVSS
5.3 AI Score
0.002 EPSS
There is a weak algorithm vulnerability in some Huawei...
0.1 AI Score
There is an input validation vulnerability in multiple Huawei products. This VT has been deprecated and is therefore no longer...
8.8 CVSS
8.9 AI Score
0.004 EPSS
Huawei Data Communication: RCE Vulnerability in Fastjson (huawei-sa-20191204-01-fastjson)
A remote code execution (RCE) vulnerability exists in the open-source JSON parsing library Fastjson. This VT has been deprecated and is therefore no longer...
8.2 AI Score
XML parser has two DoS vulnerabilities in some Huawei...
4.7 CVSS
5.1 AI Score
0.001 EPSS
Huawei Data Communication: Five Vulnerabilities in Some Huawei Products (huawei-sa-20191211-01-ssp)
There is an out-of-bounds read vulnerability in some Huawei...
8.6 CVSS
5.8 AI Score
0.001 EPSS
Microsoft released Security Advisory 4025685 on June 14 to fix multiple critical security vulnerabilities in such systems as Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows...
0.3 AI Score
0.975 EPSS
statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc...
9.8 CVSS
8 AI Score
0.911 EPSS
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256...
5.9 CVSS
7.1 AI Score
0.008 EPSS