Lucene search
K

129 matches found

OSV
OSV
added 2026/06/23 12:59 p.m.5 views

JLSEC-2026-617 Open redirect in the HTTP.jl static file server canonical redirects

Description The static file server's canonical 301 redirects index-file strip, directory trailing-slash add, and file trailing-slash strip built the Location header verbatim from the un-normalized request target. Request-target validation only requires a leading /, has no CTL bytes, and the...

5.8AI score
Exploits0References2
MSRC
MSRC
added 2026/05/27 12:0 a.m.12 views

A shared responsibility: Protecting customers through Coordinated Vulnerability Disclosure

In recent weeks several zero-day vulnerabilities have been publicly disclosed. The details of these vulnerabilities were not shared with Microsoft prior to release, and the disclosures put our customers at unnecessary risk...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/24 3:26 p.m.108 views

coordinated-disclosure

coordinated-disclosure A Claude Code skill + plugin marketpla...

5.6AI score
Exploits0
MSRC
MSRC
added 2025/07/15 7:0 a.m.31 views

Congratulations to the MSRC 2025 Most Valuable Security Researchers!

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s Most Valuabl...

7.5AI score
Exploits0
Openbugbounty
Openbugbounty
added 2025/03/30 10:47 a.m.1 views

freemmorpglist.com Cross Site Scripting vulnerability OBB-4041246

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/03/13 4:0 p.m.4 views

How MSRC coordinates vulnerability research and disclosure while building community

In an era where discovering and rapidly mitigating security vulnerabilities is more important than ever before, the Microsoft Security Response Center MSRC is at the center of this work. MSRC focuses on investigating vulnerabilities, coordinating their disclosure, and releasing security updates t...

7.1AI score
Exploits0
MSRC
MSRC
added 2024/08/06 7:0 a.m.14 views

Congratulations to the MSRC 2024 Most Valuable Security Researchers!

The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s 100 Most...

7.5AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/05/03 8:26 p.m.19 views

sagemaker-python-sdk Command Injection vulnerability

Impact The capturedependencies function in sagemaker.serve.saveretrive.version100.save.utils module before version 2.214.3 allows for potentially unsafe Operating System OS Command Injection if inappropriate command is passed as the “requirementspath” parameter. This consequently may allow an...

7.8CVSS8.2AI score0.01143EPSS
Exploits0References5Affected Software1
Microsoft Secure
Microsoft Secure
added 2024/05/01 6:0 p.m.10 views

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

Microsoft discovered a path traversal-affiliated vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s home directory. The implications of this vulnerability pattern include arbitrary code...

7.5AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/04/03 9:35 a.m.6 views

karriereundfamilie.com Cross Site Scripting vulnerability OBB-3897599

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/04/03 6:44 a.m.12 views

chanlist.xyz Cross Site Scripting vulnerability OBB-3896828

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/04/02 3:24 p.m.14 views

cesar.or.at Cross Site Scripting vulnerability OBB-3896553

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/03/26 10:6 a.m.5 views

romdb.vampier.net Cross Site Scripting vulnerability OBB-3886975

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/02/14 11:44 a.m.10 views

cosplaywho.com Cross Site Scripting vulnerability OBB-3852524

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/12 11:58 a.m.5 views

greenbeltmovement.org Cross Site Scripting vulnerability OBB-3811155

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/06 6:59 p.m.12 views

mannav.com Improper Access Control vulnerability OBB-3804521

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/06 3:12 a.m.3 views

ngobox.org Cross Site Scripting vulnerability OBB-3804192

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/04 9:31 p.m.2 views

lars-danielsson.com Improper Access Control vulnerability OBB-3803123

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/26 9:41 p.m.5 views

camptecnologico.com Improper Access Control vulnerability OBB-3794959

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
MSRC
MSRC
added 2023/11/20 8:0 a.m.13 views

Celebrating ten years of the Microsoft Bug Bounty program and more than $60M awarded

This year marks the tenth anniversary of the Microsoft Bug Bounty Program, an essential part of our proactive strategy to protect customers from security threats. Since its inception in 2013, Microsoft has awarded more than $60 million to thousands of security researchers from 70 countries. These...

7.5AI score
Exploits0
Rows per page
Query Builder