nicolegoh01.com Cross Site Scripting vulnerability OBB-2354830

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

diagnosticslaboratory.com Cross Site Scripting vulnerability OBB-2354168

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

catabl.com Cross Site Scripting vulnerability OBB-2353962

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ahnenforschung.net Cross Site Scripting vulnerability OBB-2353587

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Go-Attestation Improper Input Validation with attacker-controlled TPM Quote

Impact An improper input validation vulnerability in go-attestation before 0.4.0 allows local users to provide a maliciously-formed Quote over no/some PCRs, causing AKPublic.Verify to succeed despite the inconsistency. Subsequent use of the same set of PCR values in Eventlog.Verify lacks the...

nighttech.us Cross Site Scripting vulnerability OBB-2352044

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

polkit-0.96-CVE-2021-4034 CentOS 7.x already has the RPM pack...

SSRF vulnerability in jupyter-server-proxy

Impact What kind of vulnerability is it? Server-Side Request Forgery SSRF Who is impacted? Any user deploying Jupyter Server or Notebook with jupyter-proxy-server extension enabled. A lack of input validation allowed authenticated clients to proxy requests to other hosts, bypassing the allowedhos...

banancontracting.com Cross Site Scripting vulnerability OBB-2347967

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Worming your way in through IIS - CVE-2022-21907

Worming your way in through IIS - CVE-2022-21907 By Trellix · January 27, 2022 This story was written by Eion Carroll. IIS HTTP Stack History In the first patch Tuesday of 2022, Microsoft released a patch for a wormable vulnerability CVE-2022-21907 within the IIS HTTP stack, or more specifically...

Worming your way in through IIS - CVE-2022-21907

Worming your way in through IIS - CVE-2022-21907 By Trellix · January 27, 2022 This story was written by Eion Carroll. IIS HTTP Stack History In the first patch Tuesday of 2022, Microsoft released a patch for a wormable vulnerability CVE-2022-21907 within the IIS HTTP stack, or more specifically...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 Polkit's Pkexec CVE-2021-4034 Proof Of Concept a...

Exploit for CVE-2020-4034

CVE-2021-4034 Polkit's Pkexec CVE-2021-4034 Proof Of Concept a...

asuratrench.com Cross Site Scripting vulnerability OBB-2345293

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

norma.uz Cross Site Scripting vulnerability OBB-2344915

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

A week in security (January 17 — 23)

Last week on Malwarebytes Labs: CISA calls for urgent action against critical threats Red Cross begs attackers to “Do the right thing” after family reunion service compromised Update now! Chrome patches critical RCE vulnerability in Safe Browsing Combatting SMS and phone fraud: UK government issu...

roseto.com Cross Site Scripting vulnerability OBB-2344435

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

webmail.grupomoas.com.br Cross Site Scripting vulnerability OBB-2341643

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

sarana.com.pl Cross Site Scripting vulnerability OBB-2339846

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

km-jj.cn Cross Site Scripting vulnerability OBB-2339652

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...