idm.id Cross Site Scripting vulnerability OBB-2150639

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

nrc.ac.uk Cross Site Scripting vulnerability OBB-2150273

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

weim.co.kr Cross Site Scripting vulnerability OBB-2150217

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

maaamet.ee Cross Site Scripting vulnerability OBB-2150176

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

greatforest.hu Cross Site Scripting vulnerability OBB-2150085

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

csgo-ranks.com Improper Access Control vulnerability OBB-2149550

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

micronfrance.com Cross Site Scripting vulnerability OBB-2149332

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

media.blubrry.com Open Redirect vulnerability OBB-2148634

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

sega.co.uk Cross Site Scripting vulnerability OBB-2148598

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Are you a victim of the Conti Ransomware?

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Conti Ransomware targets enterprises who have not patched their systems by exploiting old vulnerabilities. Conti Ransomware steals sensitive information from businesses and demands a ransom in exchange. CISA has issued a...

Why You Should Consider QEMU Live Patching

Sysadmins know what the risks are of running unpatched services. Given the choice, and unlimited resources, most hardworking administrators will ensure that all systems and services are patched consistently. But things are rarely that simple. Technical resources are limited, and patching can ofte...

Security Bulletin: Public disclosed vulnerability from OpenSSL affects IBM Netezza Host Management

Summary OpenSSL is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain ...

Security Bulletin: Publicly disclosed vulnerabilities from Bind affect IBM Netezza Host Management

Summary Bind is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-25215 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure while answering queries for DNAME records. By...

Unpatched Apple Zero-Day Allows Code Execution

A zero-day security vulnerability in Apple’s macOS Finder system could allow remote attackers to trick users into running arbitrary commands, according to researchers – and a silent patch hasn’t fixed it. For those not in the Apple camp, the macOS Finder is the default file manager and GUI...

projnet.com Cross Site Scripting vulnerability OBB-2147066

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

VMware Warns of Ransomware-Friendly Bug in vCenter Server

VMware has released a security update that includes patches for 19 CVE-numbered vulnerabilities that affect the company’s vCenter Server virtualization management platform and its hybrid Cloud Foundation platform for managing VMs and orchestrating containers. They’re all serious, but one –...

Patch vCenter Server “right now”, VMWare expects CVE-2021-22005 exploitation within minutes of disclosure

VMware is urging users of vCenter server to patch no fewer than 19 problems affecting its products. These updates fix a variety of security vulnerabilities, but and one of them is particularly nasty. That would be CVE-2021-22005, a critical file upload vulnerability with a CVSS score of 9.8 out o...

apply.bsischools.org Cross Site Scripting vulnerability OBB-2146466

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

chujiaquanji.com Cross Site Scripting vulnerability OBB-2146370

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Critical vCenter Server File Upload Vulnerability (CVE-2021-22005)

See the Updates section at the end of this post for new information as it comes to light, including reports of exploitation. Description On Tuesday, September 21, 2021, VMware published security advisory VMSA-2021-0020, which includes details on CVE-2021-22005, a critical file upload vulnerabilit...