27947 matches found
allfreecrafts.com Improper Access Control vulnerability OBB-3929779
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
55glass.com Improper Access Control vulnerability OBB-3929771
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
world-heart-federation.org Improper Access Control vulnerability OBB-3929767
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mountvernonplace.org Improper Access Control vulnerability OBB-3929710
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
lacetra.ch Improper Access Control vulnerability OBB-3929697
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bme.mgh.harvard.edu Improper Access Control vulnerability OBB-3929611
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
alandunn67.co.uk Improper Access Control vulnerability OBB-3929595
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Fortinet Fortigate Node.js crash over administrative interface (FG-IR-24-017)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-017 advisory. - An improper check or handling of exceptional conditions vulnerability CWE-703 in Fortinet FortiOS version 7.4.1 allows an...
CentOS 8 : gstreamer1-plugins-bad-free (CESA-2024:3060)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3060 advisory. - GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code...
CentOS 8 : libXpm (CESA-2024:2974)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:2974 advisory. - A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows a local attacker to...
MGASA-2024-0190 Updated chromium-browser-stable packages fix security vulnerabilities
The chromium-browser-stable package has been updated to the 125.0.6422.60 release. It includes 9 security fixes. Please, do note, only x8664 is supported from now on. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromium...
bbqhub.net Cross Site Scripting vulnerability OBB-3929557
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bedinsat.com.br Cross Site Scripting vulnerability OBB-3929551
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
expresscar.am Cross Site Scripting vulnerability OBB-3929539
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-52842 virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()
In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix uninit-value in virtiotransportrecvpkt KMSAN reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in virtiotransportrecvpkt+0x1dfb/0x26...
CVE-2021-47404
In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betopprobe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malicious devices violate...
CVE-2021-47250
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlblcipsov4addstd Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 size 64: comm "syz-executor842", pid 360, jiffies 4294824824 age 22.546s hex dump first 32 bytes: 00...
CVE-2021-47397 sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
In the Linux kernel, the following vulnerability has been resolved: sctp: break out if skbheaderpointer returns NULL in sctprcvootb We should always check if skbheaderpointer's return is NULL before using it, otherwise it may cause null-ptr-deref, as syzbot reported: KASAN: null-ptr-deref in rang...
CVE-2021-47249
In the Linux kernel, the following vulnerability has been resolved: net: rds: fix memory leak in rdsrecvmsg Syzbot reported memory leak in rds. The problem was in unputted refcount in case of error. int rdsrecvmsgstruct socket sock, struct msghdr msg, sizet size, int msgflags ... if...
CVE-2021-47242 mptcp: fix soft lookup in subflow_error_report()
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lookup in subflowerrorreport Maxim reported a soft lookup in subflowerrorreport: watchdog: BUG: soft lockup - CPU0 stuck for 22s! swapper/0:0 RIP: 0010:nativequeuedspinlockslowpath RSP: 0018:ffffa859c0003bc0 EFLAG...