8 matches found
EUVD-2018-10582
Malware in sbrugna...
maxwell-digital.com Cross Site Scripting vulnerability OBB-3951109
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Reverse-Engineering the Redactions in the Ghislaine Maxwell Deposition
Slate magazine was able to cleverly read the Ghislaine Maxwell deposition and reverse-engineer many of the redacted names. Weve long known that redacting is hard in the modern age, but most of the failures to date have been a result of not realizing that covering digital text with a black bar...
Default credentials
Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker in the same network as the device to change the admin password without authentication and without knowing the original password...
CVE-2018-18871
Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker in the same network as the device to change the admin password without authentication and without knowing the original password...
CVE-2018-18871
CVE-2018-18871 affects Gigaset Maxwell Basic VoIP phones (firmware 2.22.7). The web interface lacks password verification, allowing a remote attacker on the same network to change the admin password without authentication. This is a network-accessible issue with high impact to confidentiality and...
faculty.maxwell.syr.edu XSS vulnerability
Vulnerable URL: http://faculty.maxwell.syr.edu/jishnu/quiz2.asp?start=new&p1;=&c1;=1%22%27--!%3E%3CScript%20/K/%3EconfirmOPENBUGBOUNTY%3C/Script%20/K/%3E&p2;=&c2;= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:|...
bitcoin -- denial of service
Gregory Maxwell reports: On July 7th I will be making public details of several serious denial of service vulnerabilities which have fixed in recent versions of Bitcoin Core, including including CVE-2015-3641. I strongly recommend anyone running production nodes exposed to inbound connections fro...