174 matches found
EUVD-2005-4518
Malware in sbrugna...
dryades.units.it Cross Site Scripting vulnerability OBB-3879925
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
hainescentre.com Cross Site Scripting vulnerability OBB-3851488
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
hbackathon.de Improper Access Control vulnerability OBB-3767050
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
dealsshops.nl Cross Site Scripting vulnerability OBB-3670044
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
graceryseoul.com Cross Site Scripting vulnerability OBB-3583323
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
afep.com Cross Site Scripting vulnerability OBB-3520833
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
infoalunos.uma.pt Cross Site Scripting vulnerability OBB-3507112
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
espanja-omaisuus.fi Cross Site Scripting vulnerability OBB-3482178
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bk-chomutov.cz Cross Site Scripting vulnerability OBB-3176128
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
New Timing Attack Against NPM Registry API Could Expose Private Packages
A novel timing attack discovered against the npm's registry API can be exploited to potentially disclose private packages used by organizations, putting developers at risk of supply chain threats. "By creating a list of possible package names, threat actors can detect organizations' scoped privat...
ddsuk.co.uk Cross Site Scripting vulnerability OBB-2870692
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
libreoffice:htmlfuzzer: Bad-cast to SwFormat from SwClient in SwHTMLParser::SetAttr_
Project: git://anongit.freedesktop.org/libreoffice/core Detailed Report: https://oss-fuzz.com/testcase?key=5205016312545280 Project: libreoffice Fuzzing Engine: libFuzzer Fuzz Target: htmlfuzzer Job Type: libfuzzerubsanlibreoffice Platform Id: linux Crash Type: Bad-cast Crash Address:...
fluent-bit:flb-it-fuzz-msgpack_to_gelf_fuzzer_OSSFUZZ: Crash in flb_sds_cat
Project: https://github.com/fluent/fluent-bit.git Detailed Report: https://oss-fuzz.com/testcase?key=5676844333137920 Project: fluent-bit Fuzzing Engine: libFuzzer Fuzz Target: flb-it-fuzz-msgpacktogelffuzzerOSSFUZZ Job Type: libfuzzerubsanfluent-bit Platform Id: linux Crash Type: UNKNOWN READ...
muparser:set_eval_fuzzer: Heap-buffer-overflow in mu::ParserBase::ParseCmdCodeBulk
Project: https://github.com/beltoforion/muparser.git Detailed Report: https://oss-fuzz.com/testcase?key=5758791700971520 Project: muparser Fuzzing Engine: libFuzzer Fuzz Target: setevalfuzzer Job Type: libfuzzerasanmuparser Platform Id: linux Crash Type: Heap-buffer-overflow READ 8 Crash Address:...
libsndfile:sndfile_fuzzer: Use-of-uninitialized-value in psf_log_printf
Detailed Report: https://oss-fuzz.com/testcase?key=4907258079870976 Project: libsndfile Fuzzing Engine: libFuzzer Fuzz Target: sndfilefuzzer Job Type: libfuzzermsanlibsndfile Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: psflogprintf cafreadheader cafopen...
alembic:alembic_dump_info_fuzzer: Segv on unknown address in std::__1::__tree_node_base<void*>* std::__1::__tree_min<std::__1::__tree_node_ba
Project: https://github.com/alembic/alembic.git Detailed Report: https://oss-fuzz.com/testcase?key=5636402992381952 Project: alembic Fuzzing Engine: afl Fuzz Target: alembicdumpinfofuzzer Job Type: aflasanalembic Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State:...
dlplibs:key6fuzzer: Segv on unknown address in std::__1::deque<std::__1::deque<boost::variant<libetonyek::MoveTo, libetonyek::L
Detailed Report: https://oss-fuzz.com/testcase?key=5068676089511936 Project: dlplibs Fuzzing Engine: afl Fuzz Target: key6fuzzer Job Type: aflasandlplibs Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: std::1::dequestd::1::dequeboost::variantlibetonyek::MoveTo,...
immer:flex-vector-gc: Crash in immer::detail::rbts::node<int, immer::memory_policy<immer::heap_policy<immer::gc
Project: https://github.com/arximboldi/immer.git Detailed Report: https://oss-fuzz.com/testcase?key=5660697665732608 Project: immer Fuzzing Engine: libFuzzer Fuzz Target: flex-vector-gc Job Type: libfuzzerasanimmer Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x7083eb04e907 Crash...
qt:qtbase_gui_text_qtextdocument_sethtml: Index-out-of-bounds in QUnicodeTables::qGetProp
Detailed Report: https://oss-fuzz.com/testcase?key=5673564766994432 Project: qt Fuzzing Engine: libFuzzer Fuzz Target: qtbaseguitextqtextdocumentsethtml Job Type: libfuzzerubsanqt Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State: QUnicodeTables::qGetProp QString...