A New York Cop Got Injured at a Boxing Match. Now Madison Square Garden Is Banning His Lawyer

Attorney John Scola is representing a police officer who is suing over injuries allegedly sustained while working security at an MSG property in 2025...

EUVD-2022-43082

Malicious code in bioql PyPI...

CVE-2023-48128

An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

BIT-GITLAB-2022-3726

Lack of sand-boxing of OpenAPI documents in GitLab CE/EE affecting all versions from 12.6 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick a user to click on the Swagger OpenAPI viewer and issue HTTP requests that affect the victim's account...

CVE-2023-48128

An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-48128

An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-48128

An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

Line Security Breach

Line is an instant messaging platform from Line Inc. A security vulnerability exists in Line version v13.6.1, which stems from a UNITED BOXING GYM applet that may disclose access tokens...

CVE-2023-48128

An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-48128

An issue in the UNITED BOXING GYM mini-app (Line) v13.6.1 enables attackers to send crafted malicious notifications by leaking the channel access token. The vulnerability affects the mini-app component that handles notifications, with a CVSS-like assessment indicating network access, low confiden...

thai.boxing.club.free.fr Cross Site Scripting vulnerability OBB-3363606

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Design/Logic Flaw

Lack of sand-boxing of OpenAPI documents in GitLab CE/EE affecting all versions from 12.6 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick a user to click on the Swagger OpenAPI viewer and issue HTTP requests that affect the victim's account...

CVE-2022-3726

GitLab CVE-2022-3726 affects GitLab CE/EE, with no sandboxing of OpenAPI/Swagger viewer. Affected versions are 12.6 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. The vulnerability allows an attacker to trick a user into clicking the Swagger OpenAPI viewer, causing HTTP requests...

CVE-2022-3726

Lack of sand-boxing of OpenAPI documents in GitLab CE/EE affecting all versions from 12.6 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to trick a user to click on the Swagger OpenAPI viewer and issue HTTP requests that affect the victim's account...

CVE-2022-3726

Removed by vendor...

Speculative Code Store Bypass (SCSB) and Floating-Point Value Injection (FPVI) Advisory - Lenovo Support US

No description provided...

Apple WebKit Security Vulnerability

WebKit is an open source web browser engine developed by KDE, Apple and Google. A security vulnerability exists in Apple WebKit, which stems from an application that does not properly implement the force-boxing policy in WebKit. A remote attacker could create a specially crafted web page that wou...

Online Holiday Shopping followed the Hot Topics of 2019: Mobile & Security

Here's what I learned this past holiday season: I'm not alone shopping on my mobile device on Christmas Day and Boxing Day. And while Hollywood actors may take the holidays off, threat actors certainly do not. Let's have a look at some of the numbers. Akamai has a lot of data, but let's look at...

Twitch Has Become a Haven for Live Sports Piracy

As the platform gains more mainstream popularity, illicit livestreams of soccer, boxing, and MMA matches have become trivial to find...

abc.warriorboxing.com XSS vulnerability

Open Bug Bounty ID: OBB-631290 Description| Value ---|--- Affected Website:| abc.warriorboxing.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...