Lucene search
K

96 matches found

Openbugbounty
Openbugbounty
added 2022/11/06 6:13 p.m.10 views

dpr5ie4jiu1sc.cloudfront.net Cross Site Scripting vulnerability OBB-3040348

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/08/26 11:39 p.m.10 views

dbve060ocfe16.cloudfront.net Cross Site Scripting vulnerability OBB-2866875

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/06/24 6:50 p.m.20 views

d1n598x054kygy.cloudfront.net Cross Site Scripting vulnerability OBB-2675033

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/06/06 10:30 p.m.20 views

dpr5ie4jiu1sc.cloudfront.net Cross Site Scripting vulnerability OBB-2639418

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/04/26 2:26 p.m.11 views

d39pstlceyjgdg.cloudfront.net Cross Site Scripting vulnerability OBB-2559194

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Openbugbounty
Openbugbounty
added 2022/04/25 11:43 p.m.57 views

dbve060ocfe16.cloudfront.net Cross Site Scripting vulnerability OBB-2558376

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
NVD
NVD
added 2021/08/12 10:15 p.m.11 views

CVE-2020-36363

Amazon AWS CloudFront TLSv1.22019 allows TLSECDHERSAWITHAES128CBCSHA256 and TLSECDHERSAWITHAES256CBCSHA384, which some entities consider to be weak ciphers...

9.8CVSS0.00706EPSS
Exploits0References2
OSV
OSV
added 2021/08/12 10:15 p.m.6 views

CVE-2020-36363

Amazon AWS CloudFront TLSv1.22019 allows TLSECDHERSAWITHAES128CBCSHA256 and TLSECDHERSAWITHAES256CBCSHA384, which some entities consider to be weak ciphers...

9.8CVSS5.8AI score0.00706EPSS
Exploits0References2
Prion
Prion
added 2021/08/12 10:15 p.m.14 views

Design/Logic Flaw

Amazon AWS CloudFront TLSv1.22019 allows TLSECDHERSAWITHAES128CBCSHA256 and TLSECDHERSAWITHAES256CBCSHA384, which some entities consider to be weak ciphers...

7.5CVSS9.3AI score0.00706EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/08/12 9:13 p.m.79 views

CVE-2020-36363

CVE-2020-36363 concerns Amazon AWS CloudFront where TLSv1.2_2019 configurations allow weak ciphers TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384. The root cause is the inclusion of these CBC-based ciphers in the CloudFront TLS policy, which is cited as a security...

9.8CVSS9.3AI score0.00706EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/08/12 9:13 p.m.15 views

CVE-2020-36363

Amazon AWS CloudFront TLSv1.22019 allows TLSECDHERSAWITHAES128CBCSHA256 and TLSECDHERSAWITHAES256CBCSHA384, which some entities consider to be weak ciphers...

9.5AI score0.00706EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/12 12:0 a.m.5 views

Amazon AWS CloudFront 加密问题漏洞

Amazon AWS CloudFront is a content delivery network that provides basic services from Amazon.com, Inc.'s Web Services system. A security vulnerability exists in Amazon AWS CloudFront TLSv1.2 2019, where a related component uses a weak cryptographic algorithm resulting in a security risk...

9.8CVSS8.3AI score0.00706EPSS
Exploits0References2
Kitploit
Kitploit
added 2021/08/06 12:30 p.m.198 views

WARCannon - High Speed/Low Cost CommonCrawl RegExp In Node.js

WARCannon was built to simplify and cheapify the process of 'grepping the internet'. With WARCannon, you can: Build and test regex patterns against real Common Crawl data Easily load Common Crawl datasets for parallel processing Scale compute capabilities to asynchronously crunch through WARCs at...

7.1AI score
Exploits0References1
Hacker One
Hacker One
added 2021/07/24 2:50 p.m.66 views

Reddit: S3 bucket Upload on studio.redditinc.com (s3-r-w.ap-east-1.amazonaws.com)

Greetings team, Found a s3 bucket that belongs to studio.redditinc.com and properly not configured. bucket name:- s3-r-w.ap-east-1.amazonaws.com Bucket Source:-studio.redditinc.com Steps To reproduce:- In terminal , " dig studio.redditinc.com " will get the CNAME as d326d3e45wj426.cloudfront.net...

0.8AI score
Exploits0
WPVulnDB
WPVulnDB
added 2021/06/16 12:0 a.m.23 views

W3 Total Cache < 2.1.3 - Authenticated Stored XSS

The plugin did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue PoC Vulnerable parameters: cnames= 1, cdncnames= 2, cdncnames= 3. CDN Type:...

4.8CVSS0.1AI score0.00622EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2021/06/16 12:0 a.m.506 views

W3 Total Cache < 2.1.3 - Authenticated Stored XSS

The plugin did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue Vulnerable parameters: &cdncnames= 1, cdncnames= 2, cdncnames= 3. CDN Type:...

4.8CVSS0.1AI score0.00622EPSS
Exploits2References1
Rapid7 Blog
Rapid7 Blog
added 2021/04/05 2:0 p.m.43 views

What’s New in InsightAppSec and tCell: Q1 2021 in Review

2021 is off and running! The big question on the corporate world’s mind is, of course, “What will work life look like at the end of 2021?” With vaccines rolling out around the world, another shift is set to take place around when and where people put in their hours. As offices slowly start to...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/03/16 1:2 p.m.46 views

Rapid7 Announces Release of New tCell Amazon CloudFront Agent

Cloud-native approaches to building, hosting, and delivering web applications are growing rapidly. Content delivery networks CDNs such as Amazon CloudFront are on the rise, pushing content closer to end users to improve the performance of web applications. To protect web applications security tea...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/10/27 10:52 a.m.8 views

d6cc7id2l8lbn.cloudfront.net Cross Site Scripting vulnerability OBB-1454200

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/30 4:35 p.m.9 views

d15k3om16n459i.cloudfront.net Cross Site Scripting vulnerability OBB-1375039

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Rows per page
Query Builder