Lucene search
K

36 matches found

Openbugbounty
Openbugbounty
added 2022/03/07 12:15 p.m.7 views

bespokejewellerysafes.co.uk Improper Access Control vulnerability OBB-2414177

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2021/12/16 7:16 p.m.14 views

‘Tropic Trooper’ Reemerges to Target Transportation Outfits

They’ve been an active threat group since 2011, but a recent uptick in activity from Earth Centaur – previously known as Tropic Trooper – aimed specifically at transportation and government agencies is setting off alarm bells among experts. Trend Micro researchers have been tracking Tropic...

7.3AI score
Exploits0References7
Openbugbounty
Openbugbounty
added 2020/09/28 4:11 p.m.7 views

bespokeeyewear.co.uk Improper Access Control vulnerability OBB-1370938

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/09/22 6:34 a.m.8 views

bespokenature.co.uk Cross Site Scripting vulnerability OBB-1354542

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/08/21 9:16 a.m.12 views

bespokepropertiesmanagement.com Improper Access Control vulnerability OBB-1268117

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

1AI score
Exploits0
RustSec
RustSec
added 2020/01/08 12:0 p.m.22 views

bespoke Cell implementation allows obtaining several mutable references to the same data

The custom implementation of a Cell primitive in the affected versions of this crate does not keep track of mutable references to the underlying data. This allows obtaining several mutable references to the same object which may result in arbitrary memory corruption, most likely use-after-free. T...

9.1CVSS3.5AI score0.0141EPSS
Exploits1Affected Software1
OSV
OSV
added 2020/01/08 12:0 p.m.64 views

RUSTSEC-2020-0045 bespoke Cell implementation allows obtaining several mutable references to the same data

The custom implementation of a Cell primitive in the affected versions of this crate does not keep track of mutable references to the underlying data. This allows obtaining several mutable references to the same object which may result in arbitrary memory corruption, most likely use-after-free. T...

9.1CVSS9.1AI score0.0141EPSS
Exploits1References3
OSV
OSV
added 2020/01/08 12:0 p.m.40 views

RUSTSEC-2020-0046 bespoke Cell implementation allows obtaining several mutable references to the same data

The custom implementation of a Cell primitive in the affected versions of this crate does not keep track of mutable references to the underlying data. This allows obtaining several mutable references to the same object which may result in arbitrary memory corruption, most likely use-after-free. T...

5.5CVSS5.4AI score0.00374EPSS
Exploits1References3
Microsoft Secure
Microsoft Secure
added 2019/11/14 5:0 p.m.61 views

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1

This is the first in a blog series discussing the tools, techniques, and procedures that the Microsoft Detection and Response Team DART use to investigate cybersecurity incidents at our customer organizations. Today, we introduce the team and give a brief overview of each of the tools that utiliz...

6.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/06/12 2:34 p.m.12 views

traditionalbespokefurniture.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-630651 Description| Value ---|--- Affected Website:| traditionalbespokefurniture.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6...

Exploits0
n0where
n0where
added 2017/08/25 4:57 p.m.67 views

Proxy Aware PowerShell C2 Framework: PoshC2

PoshC2 is a proxy aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement. The tools and modules were developed off the back of our successful PowerShell sessions and payload types for the Metasploit Framework...

0.2AI score
Exploits0References2
Openbugbounty
Openbugbounty
added 2016/07/25 6:48 p.m.9 views

kraftoriginals.co.uk XSS vulnerability

Vulnerable URL: http://www.kraftoriginals.co.uk/bespoke-cufflink-search.htm?search="search=+ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 8116833 VIP website status:| No Check...

6.2AI score
Exploits0
NVD
NVD
added 2014/10/19 10:55 a.m.12 views

CVE-2014-7346

The Bespoke aka com.magzter.bespoke application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00266EPSS
Exploits0References3
Prion
Prion
added 2014/10/19 10:55 a.m.10 views

Information disclosure

The Bespoke aka com.magzter.bespoke application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/10/19 10:0 a.m.37 views

CVE-2014-7346

The CVE-2014-7346 entry concerns the Bespoke Android app (com.magzter.bespoke) version 3.0, which does not verify X.509 certificates when establishing SSL connections. The root cause is missing certificate validation, enabling potential man‑in‑the‑middle attackers to spoof servers and extract sen...

5.4CVSS6AI score0.00266EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/10/19 10:0 a.m.21 views

CVE-2014-7346

The Bespoke aka com.magzter.bespoke application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9AI score0.00266EPSS
Exploits0References3
Rows per page
Query Builder