content.bautz.de Cross Site Scripting vulnerability OBB-3194104

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE-SU-2023:0407-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic control subsystem bnc1207237. - CVE-2023-23454: Fixed denial or service in cbqclassify in...

JSA10482 - 2011-07 Out of Cycle Security Bulletin: Multiple Products; TLS/SSL Renegotiation Vulnerability (CVE-2009-3555)

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. CVE-2009-3555 summary: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, does not properly associate renegotiation handshakes with an existing connection, which allows...

JSA10512 - 2012-06 Security Bulletin: Pulse Connect Secure (PCS): Open redirect issue

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. An open redirect issue has been found in the Pulse Connect Secure PCS product. The issue is caused by incorrect validation of user input sent to the PCS web server. The issue exists in...

shop.soultunes.de Cross Site Scripting vulnerability OBB-3193694

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

livecamspy.com Cross Site Scripting vulnerability OBB-3192402

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

emedjimurje.net.hr Cross Site Scripting vulnerability OBB-3190454

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

sbwaschsalon-regensburg.de Cross Site Scripting vulnerability OBB-3189485

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Hacking the Tax Code

The tax code isn’t software. It doesn’t run on a computer. But it’s still code. It’s a series of algorithms that takes an input--financial information for the year--and produces an output: the amount of tax owed. It’s incredibly complex code; there are a bazillion details and exceptions and speci...

Nearly 19,000 ESXi Servers Still Vulnerable to CVE-2021-21974

Last week, multiple organizations issued warnings that a ransomware campaign dubbed “ESXiArgs” was targeting VMware ESXi servers, allegedly by leveraging CVE-2021-21974—a nearly two-year-old heap overflow vulnerability. Two years. And yet, Rapid7 research has found that a significant number of ES...

unipiaget.cv Cross Site Scripting vulnerability OBB-3186982

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

leatherchase.com Cross Site Scripting vulnerability OBB-3186975

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cornerstonecharter.com Cross Site Scripting vulnerability OBB-3185942

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

manavigator.com Cross Site Scripting vulnerability OBB-3185886

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

hanja.pe.kr Cross Site Scripting vulnerability OBB-3185792

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Ransomware attacks targeting VMware ESXi servers: everything you need to know

Recent attacks leverage CVE-2021-21974 to install ransomware on VMWare ESXi servers. Security teams are advised to patch and stay vigilant for indicators of compromise...

kamerakata.de Cross Site Scripting vulnerability OBB-3185628

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Florida hospital takes entire IT systems offline after 'ransomware attack'

Tallahassee Memorial Healthcare TMH, a major hospital system in northern Florida, has reportedly been experiencing an "IT security issue" since Thursday evening, which impacted some of its IT systems. When TMH learned of the issue, it took its entire IT systems offline as a precaution and contact...

Ubuntu 16.04 ESM : Git vulnerabilities (USN-5810-3)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5810-3 advisory. USN-5810-1 fixed several vulnerabilities in Git. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding...

udohow.com Cross Site Scripting vulnerability OBB-3183871

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...