6655 matches found
SUSE-SU-2022:0729-1 Security update for SUSE Manager Server 4.2
This update fixes the following issues: spacewalk-java: - Version 4.2.33-1 handle npe when syncing ubuntu errata bsc1196619 susemanager-sync-data: - Version 4.2.11-1 change centos 8 eol urls to vault which still work How to apply this update: 1. Log in as root user to the SUSE Manager server. 2...
Exposure of home directory through shescape on Unix with Bash
Impact The issue allows for exposure of the home directory on Unix systems when using Bash with the escape or escapeAll functions from the shescape API with the interpolation option set to true. Other tested shells, Dash and Zsh, are not affected. javascript const cp = require("child_process"); cons...
metzgerei-weichart.de Improper Access Control vulnerability OBB-2397271
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
schulz-zahnarzt.de Improper Access Control vulnerability OBB-2395996
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
BD Pyxis
1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Becton, Dickinson and Company (BD) Equipment: Pyxis Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain access to electronic protected health information (ePHI) or other...
brainwashed.com Cross Site Scripting vulnerability OBB-2389762
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The Bug Report - February 2022 Edition
The Bug Report - February 2022 By Jesse Chick · March 2, 2022 Your Cybersecurity Comic Relief Image courtesy of https://toggl.com/ Why am I here? Welcome back to the Bug Report, stubby-month edition! For those in the audience unfamiliar with our shtick, every month we compile a shortlist of the t...
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Summary Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and...
h-yobikou.com Cross Site Scripting vulnerability OBB-2387520
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
All Vulnerabilities for dyna.boe.ttct.edu.tw Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| dyna.boe.ttct.edu.tw ---|--- Open Bug...
tributes.com Cross Site Scripting vulnerability OBB-2386841
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CISA warns of cyberespionage by Iranian APT “MuddyWater”
Cybersecurity agencies in the US and UK have issued a joint cybersecurity advisory (CSA) on MuddyWater, a government-sponsored Iranian advanced persistent threat (APT) actor. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the US Cyber Command Cyber...
tpfs.ps Cross Site Scripting vulnerability OBB-2383358
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
Summary Actions to Take Today to Protect Against Malicious Activity Search for indicators of compromise. Use antivirus software. Patch all systems. Prioritize patching known exploited vulnerabilities. Train users to recognize and report phishing attempts. Use multi-factor authentication. Note: th...
GSD-2022-1000284 Risk in WISP version general
In Netonix WISP version general a Risk exists in the Firmware update frequency/method/stability that can be attacked via N/A resulting in risk of use of older protocols / slower firmware patching speed / rushed instable updates...
CAN-2022-1000284 Risk in WISP version general
In Netonix WISP version general a Risk exists in the Firmware update frequency/method/stability that can be attacked via N/A resulting in risk of use of older protocols / slower firmware patching speed / rushed instable updates...
lg.arbitr.gov.ua Cross Site Scripting vulnerability OBB-2382726
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
carrimini.it Cross Site Scripting vulnerability OBB-2380907
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
assoapriti.it Cross Site Scripting vulnerability OBB-2380811
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ughstorefirenze.it Cross Site Scripting vulnerability OBB-2380511
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...