Corona Virus (COVID-19) Banner & Live Data Security Vulnerabilities

field-map.com Cross Site Scripting vulnerability OBB-3938677

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

fbcsarasota.com Cross Site Scripting vulnerability OBB-3938675

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

edicionmedica.ec Cross Site Scripting vulnerability OBB-3938668

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

editions-oriflam.com Cross Site Scripting vulnerability OBB-3938669

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

easternneurology.com Cross Site Scripting vulnerability OBB-3938666

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

correze-decouverte.fr Cross Site Scripting vulnerability OBB-3938659

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Exploit for CVE-2024-33883

CVE-2024-33883 Insufficient Prototype Pollution...

mobilemap.petschge.de Cross Site Scripting vulnerability OBB-3938601

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Authentication Bypasses in MOVEit Transfer and MOVEit Gateway

On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806, a critical authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration; and CVE-2024-5805, a critical SFTP-associated...

Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks

In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses. The discussion highlighted the dual role of AI in...

Adobe Commerce & Magento - CosmicSting

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code...

libheif vulnerabilities

It was discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-11471) Reza Mirzazade Farkhani discovered that libheif incorrectly handled...

CVE-2024-37354

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192) ...

CVE-2024-37354

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192) ...

CVE-2024-37354

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108...

CVE-2023-37541

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain...

CVE-2023-37541

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain...

CVE-2023-37541 HCL Connections is vulnerable to a broken access control vulnerability

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain...

CVE-2023-37541 HCL Connections is vulnerable to a broken access control vulnerability

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain...

CVE-2024-37354 btrfs: fix crash on racing fsync and size-extending write into prealloc

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192) ...

CVE-2024-37354 btrfs: fix crash on racing fsync and size-extending write into prealloc

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192) ...

Stolen Singaporean Identities Sold on Dark Web Starting at $8

Singapore citizens, beware! Cybercriminals are targeting your digital identities and KYC data, starting at just $8, putting users at risk of exploitation. Learn how to protect your data, finances, and reputation with strong passwords, multi-factor authentication, and smart online...

Malicious code in banner-jobsub (RubyGems)

-= Per source details. Do not edit below this...

Malicious code in aliyun-live (RubyGems)

-= Per source details. Do not edit below this...

Malicious code in virus-muerto (PyPI)

-= Per source details. Do not edit below this...

Malicious code in sc-concurrent-log-handler (PyPI)

-= Per source details. Do not edit below this...

Malicious code in mlp-data-product-producer (PyPI)

-= Per source details. Do not edit below this...

Malicious code in glovo-data-platform-importer-brain (PyPI)

-= Per source details. Do not edit below this...

Malicious code in glovo-data-platform-declarative-airflow (PyPI)

-= Per source details. Do not edit below this...

Malicious code in glovo-data-platform-declarative (PyPI)

-= Per source details. Do not edit below this...

Malicious code in forenitz (PyPI)

-= Per source details. Do not edit below this...

Malicious code in forenity (PyPI)

-= Per source details. Do not edit below this...

Malicious code in forenith (PyPI)

-= Per source details. Do not edit below this...

Malicious code in forenitq (PyPI)

-= Per source details. Do not edit below this...

Malicious code in data-platform-observability-validation (PyPI)

-= Per source details. Do not edit below this...

Malicious code in data-platform-observability-core (PyPI)

-= Per source details. Do not edit below this...

Malicious code in data-platform-importer-brain (PyPI)

-= Per source details. Do not edit below this...

Malicious code in data-platform-dbt (PyPI)

-= Per source details. Do not edit below this...

Malicious code in data-platform-airflow-recipes (PyPI)

-= Per source details. Do not edit below this...

Malicious code in data-platform-airflow-operators (PyPI)

-= Per source details. Do not edit below this...

From Top Dogs to Unified Pack

Embracing a consolidated security ecosystem Authored by Ralph Wascow Cybersecurity is as unpredictable as it is rewarding. Each day often presents a new set of challenges and responsibilities, particularly as organizations accelerate digital transformation efforts. This means you and your cyber...

Malicious code in watch-ireland-vs-france-live-stream-online-soccer (npm)

-= Per source details. Do not edit below this...

Malicious code in wallet-connect-live-app (npm)

-= Per source details. Do not edit below this...

Malicious code in systemrobotassistant (npm)

-= Per source details. Do not edit below this...

Malicious code in sun-flare (npm)

-= Per source details. Do not edit below this...

Malicious code in pattern.json (npm)

-= Per source details. Do not edit below this...

Malicious code in mytardis-data-module (npm)

-= Per source details. Do not edit below this...

Malicious code in item-shop-data-client (npm)

-= Per source details. Do not edit below this...

Security Bulletin: IBM Jazz for Service Management is vulnerable due to Apache camel-core-3.2.0.jar ( CVE-2024-22371)

Summary IBM Jazz for Service Management is vulnerable due to Apache camel-core-3.2.0.jar. Exposure of sensitive data by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability Details ** CVEID: CVE-2024-22371 DESCRIPTION: **Apache...

Malicious code in eslint-plugin-shein-soc-raw (npm)

-= Per source details. Do not edit below this...