193.206.192.138 Cross Site Scripting vulnerability OBB-2839125

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

140.128.227.3 Cross Site Scripting vulnerability OBB-2839102

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

130.111.223.103 Cross Site Scripting vulnerability OBB-2839093

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

121.88.5.145 Cross Site Scripting vulnerability OBB-2839069

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

intranet.londonmet.ac.uk Cross Site Scripting vulnerability OBB-2835330

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

tas1.manchester.ac.uk Cross Site Scripting vulnerability OBB-2824897

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

[SECURITY] Fedora 36 Update: xq-0.0.7-5.fc36

Command line XML beautifier and content extractor. Similar to jq...

cutleryworks.co.uk Open Redirect vulnerability OBB-2821069

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

secure.wildlife.alaska.gov Cross Site Scripting vulnerability OBB-2797424

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

[SECURITY] Fedora 35 Update: xq-0.0.7-4.fc35

Command line XML beautifier and content extractor. Similar to jq...

CVE-2022-2131

OpenKM Community Edition in its 6.3.10 version and before was using XMLReader parser in XMLTextExtractor.java file without the required security flags, allowing an attacker to perform a XML external entity injection attack...

tika-core: Regular Expression Denial of Service in standards extractor

In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standa...

metadata-extractor: Out-of-memory when reading a specially crafted JPEG file

When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a denial of service attack against services that use metadata-extractor...

Important: Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update

A minor version update from 7.10 to 7.11 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin...

[SECURITY] Fedora 36 Update: xq-0.0.7-4.fc36

Command line XML beautifier and content extractor. Similar to jq...

Microsoft-365-Extractor-Suite - A Set Of PowerShell Scripts That Allow For Complete And Reliable Acquisition Of The Microsoft 365 Unified Audit Log

This suite of scripts contains two different scripts that can be used to acquire the Microsoft 365 Unified Audit Log Read the accompanying blog post on https://invictus-ir.medium.com/introduction-of-the-microsoft-365-extractor-suite-b85e148d4bfe 1. Microsoft365Extractor , the original script stem...

cool.greenlearning.ca Cross Site Scripting vulnerability OBB-2692728

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

console.skphost.net Cross Site Scripting vulnerability OBB-2692680

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

consallhall.altimate.co.uk Cross Site Scripting vulnerability OBB-2692662

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

connectuniversities.com Cross Site Scripting vulnerability OBB-2692651

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...