CVE-2022-37108

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

drinkwisecompany.com Cross Site Scripting vulnerability OBB-2663531

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Microsoft addresses multiple RCE vulnerabilities in their June 2022 Patch Tuesday

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Microsoft June 2022 Patch Tuesday addressed 55 security flaws. One of them is the Follina which has been addressed in another detailed advisory. Three of them have been rated criticalas per Microsoft and...

icomos.de Cross Site Scripting vulnerability OBB-2646326

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...