aalborgstift.dk Cross Site Scripting vulnerability OBB-2841857
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress plugin Advanced Database Cleaner cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
CVE-2022-33737
The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.10.0 and before 2.11.0 may contain a random generated admin password...
motolandshop.de Cross Site Scripting vulnerability OBB-2731222
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ude-sanheiz.de Cross Site Scripting vulnerability OBB-2717711
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-1412
The Log WPMail WordPress plugin through 0.1 saves sent email in a publicly accessible directory using predictable filenames, allowing any unauthenticated visitor to obtain potentially sensitive information like generated passwords...
CVE-2021-27783
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed...
CVE-2021-43206
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 through 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's client username and IP via same origin HTTP requests...
New Scam Utilizing AI-Generated Images to Represent Fake Law Firm
By Deeba Ahmed Hackread.com earlier reported a website designed by software engineer Philip Wang that can create realistic faces of people… This is a post from HackRead.com Read the original post: New Scam Utilizing AI-Generated Images to Represent Fake Law Firm...
PT-2022-9211 · Anycubic · Anycubic Chitubox Anycubic Plugin
Name of the Vulnerable Software and Affected Versions: AnyCubic Chitubox AnyCubic Plugin version 1.0.0 Description: A heap-based buffer overflow issue exists in the readDatHeadVec functionality. This can be triggered by a specially-crafted GF file, leading to a heap buffer overflow. An attacker c...
MantisBT security vulnerability
MantisBT is a Web-based open source defect tracking system from the MantisBT team. The system provides project management and defect tracking services in the form of Web operations. MantisBT version before 2.25.3 has a security vulnerability that stems from the lack of neutralization of formu...
szcodos.ecer.com Cross Site Scripting vulnerability OBB-2498061
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
libde265 1.0.8, was discovered to contain a heap-use-after-free in put_qpel_fallback
Description libde265 1.0.8, was discovered to contain a heap-use-after-free in put_qpel_fallback fallback-motion.cc ENV - Version : 1.0.8 - Commit : 45904e5667c5bf59c67fcdc586dfba110832894c - OS : Ubuntu 18.04 - Configure : cmake -DCMAKE_BUILD_TYPE=Debug -DCMAKE_CXX_COMPILER=clang++-10...
fgblearning.it Cross Site Scripting vulnerability OBB-2468029
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Watch out for LinkedIn fakes who want to get connected
Despite continued warnings of deepfake chaos during major events, things haven’t worked out the way some thought. Those video deepfakes are bad, and they remain bad. Quite simply, nobody is fooled - or at least, nobody able to make a mistaken snap judgement in a way that matters. As much as we ov...
turismo.catanduvas.sc.gov.br Cross Site Scripting vulnerability OBB-2451364
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Open Web Analytics Server security vulnerability
Open Web Analytics Server is an open source alternative for commercial web analytics tools such as Google Analytics. A security vulnerability exists in Open Web Analytics version 1.7.4, which stems from the use of php-generated files instead of the expected php sequences that are not processed by...
[SECURITY] Fedora 36 Update: annobin-10.57-3.fc36
This package contains the tools needed to annotate binary files created by compilers, and also the tools needed to examine those annotations. One of the tools is a plugin for GCC that records information about the security options that were in effect when the binary was compiled. Note - the plugi...
3 Reasons to Join Rapid7’s Cloud Security Summit
The world of the cloud never stops moving — so neither can cloud security. In the face of rapidly evolving technology and a constantly changing threat landscape, keeping up with all the latest developments, trends, and best practices in this emerging practice is more vital than ever. Enter Rapid7...