aviastock.com Cross Site Scripting vulnerability OBB-3856144

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

afktrack.afkmods.com Cross Site Scripting vulnerability OBB-3856106

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

dictionary.outlib.com Cross Site Scripting vulnerability OBB-3856011

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

skippermar.com Improper Access Control vulnerability OBB-3855994

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

shop.steinzeitoase.de Improper Access Control vulnerability OBB-3855991

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

seaportmodelworks.com Improper Access Control vulnerability OBB-3855988

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

atca.com.au Cross Site Scripting vulnerability OBB-3855956

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

taxiservicesxm.com Cross Site Scripting vulnerability OBB-3855945

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

retailcrossing.com Cross Site Scripting vulnerability OBB-3855846

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

How CVSS 4.0 changes (or doesn’t) the way we see vulnerability severity

Finding, managing and patching security vulnerabilities on any network, no matter the size, is a tall task. In the first week of 2024 alone, there were 621 new common IT security vulnerabilities and exposures CVEs disclosed worldwide, covering a range of applications, software and hardware that...

revalorise.eu Improper Access Control vulnerability OBB-3855481

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

waimanaloschool.org Cross Site Scripting vulnerability OBB-3855405

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

rawrio.com Cross Site Scripting vulnerability OBB-3855398

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

kitchenerjobs.deangroup.ca Cross Site Scripting vulnerability OBB-3855386

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

blog.buildllc.com Cross Site Scripting vulnerability OBB-3855229

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cdmoenologie.com Improper Access Control vulnerability OBB-3855160

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-21896

The permission model protects itself against path traversal attacks by calling path.resolve on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.from to obtain a Buffer from the result of path.resolve. By monkey-patching Buffer internals, namely...

AZL-35053 CVE-2024-21896 affecting package nodejs for versions less than 20.14.0-1

The permission model protects itself against path traversal attacks by calling path.resolve on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.from to obtain a Buffer from the result of path.resolve. By monkey-patching Buffer internals, namely...

UBUNTU-CVE-2024-21896

The permission model protects itself against path traversal attacks by calling path.resolve on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.from to obtain a Buffer from the result of path.resolve. By monkey-patching Buffer internals, namely...

de.m-audio.com Cross Site Scripting vulnerability OBB-3854992

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...