6655 matches found
shivangan.co.in Cross Site Scripting vulnerability OBB-2306867
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Medium: kernel-livepatch-4.14.248-189.473
Issue Overview: No CVE associated with this advisory. Affected Packages: kernel-livepatch-4.14.248-189.473. Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-4.14.248-189.473 or yum update --advisory ALAS2LIVEPATCH-2021-071 to update your system. New...
Medium: kernel-livepatch-4.14.246-187.474
Issue Overview: No CVE associated with this advisory. Affected Packages: kernel-livepatch-4.14.246-187.474. Issue Correction: Please ensure you have live patching enabled. Run yum update kernel-livepatch-4.14.246-187.474 or yum update --advisory ALAS2LIVEPATCH-2021-072 to update your system. New...
Microsoft Patch Tuesday December 2021
Hello everyone! It's even strange to talk about other vulnerabilities, while everyone is so focused on vulnerabilities in log4j. But life doesn't stop. Other vulnerabilities appear every day. And of course, there are many critical ones among them that require immediate patching. This episode will b...
Design/Logic Flaw
Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privilege. Over the API it was possible for them to give themselves permissions to areas which they did not...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
It is an offensive tool for Apache Solr, exploiting CVE-2021-442...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
CVE-2021-44228-Demo This project for prove and testing zero-d...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Log4JExploitation-VulnerabiliyCVE-2021-44228.
arnoba.ir Cross Site Scripting vulnerability OBB-2300724
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
battlebornbone.com Cross Site Scripting vulnerability OBB-2300705
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2021-44228 - Patching is Recommended for Evolving Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
Akamai has been monitoring the rapidly evolving developments of CVE-2021-44228. We have been working closely with our customers and internal application teams to mitigate the risks posed by the threat of unauthorized remote code execution. This includes deploying an update to our existing Apache...
How We’re Protecting Customers & Staying Ahead of CVE-2021-44228
CVE-2021-44228 is a high-profile vulnerability impacting multiple versions of a widely distributed Java software component, Apache Log4j 2. The specific vulnerability allows for unauthenticated remote code execution. For additional technical information, the team at LunaSec has an excellent...
Widespread Exploitation of Critical Remote Code Execution in Apache Log4j
Table of Contents Overview Affected versions Mitigation and detection guidance Rapid7 customers InsightVM and Nexpose InsightIDR and Managed Detection and Response Velociraptor tCell InsightCloudSec IntSights Attacks and campaigns External resources Updates Need clarity on detecting and mitigatin...
illgen-immobilien.de Cross Site Scripting vulnerability OBB-2298875
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dfragd.com Improper Access Control vulnerability OBB-2298582
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Has your WordPress site been backdoored by a skimmer?
Skimmers and other threat actors are backdooring websites, and WordPress instances in particular, according to a recently released report. Researchers at Sucuri say attackers have developed methods to make sure that their grip on the infected site is not easily removed by applying the next update...
facfdz.com Cross Site Scripting vulnerability OBB-2297286
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws
Network security vendor SonicWall is urging customers to update their SMA 100 series appliances to the latest version following the discovery of multiple security vulnerabilities that could be abused by a remote attacker to take complete control of an affected system. The flaws impact SMA 200, 21...
Patch Now: SonicWall Fixes Multiple Vulnerabilities in SMA 100 Devices
Summary: On December 7, 2021, SonicWall released a security advisory that includes patching guidance for five vulnerabilities in SonicWall SMA 100 series devices that were discovered by Rapid7 including CVE-2021-20038 which is rated CVSSv3 9.8, critical, as well as several other CVEs discovered by...