turismo.catanduvas.sc.gov.br Cross Site Scripting vulnerability OBB-2451364

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-26620

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

UBUNTU-CVE-2021-28276

A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a wild address read in the ProcessCanonMakerNoteDir function in makernote.c...

impressionsstudio.com Cross Site Scripting vulnerability OBB-2439520

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DEBIAN-CVE-2021-23556

The package guake before 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of executecommand and executecommandbyuuid methods via the d-bus interface, which makes it possible for a malicious user to run an arbitrary command via the d-bus method. Note: Exploitation...

Google Releases Security Updates for Chrome

Google has released Chrome version 99.0.4844.74 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...

CVE-2022-24420

creationtimestamp| type| source ---|---|--- 2022-03-12 00:15:09+00:00| seen| https://t.me/cibsecurity/38835 2022-03-23 10:17:52+00:00| seen| https://t.me/truesecator/2762 2022-03-23 13:53:34+00:00| seen| https://t.me/SecLabNews/11819 2022-03-24 10:36:03+00:00| seen| https://t.me/sysodmins/14390...

chantdemonpays.qc.ca Cross Site Scripting vulnerability OBB-2418740

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

RagnarLocker ransomware gang breached 52 critical infrastructure organizations

In a FLASH publication issued by the FBI in coordination with DHS/CISA, the FBI says it has identified at least 52 organizations across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including organizations in the critical manufacturing, energy, financial services,...

OESA-2022-1561 mutt security update

Mutt is a small but very powerful text-based mail client for Unix operating systems. Security Fixes: Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data e.g...

Elections GoRansom – a smoke screen for the HermeticWiper attack

Executive summary On February 24, 2022, Avast Threat Research published a tweet announcing the discovery of new Golang ransomware, which they called HermeticRansom. This malware was found around the same time the HermeticWiper was found, and based on publicly available information from security...

brookemeyerphotography.com Cross Site Scripting vulnerability OBB-2349546

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ravinesassoc.org Cross Site Scripting vulnerability OBB-2348241

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-22932

Apache Karaf obr: commands and run goal on the karaf-maven-plugin have partial path traversal which allows to break out of expected folder. The risk is low as obr: commands are not very used and the entry is set by user. This has been fixed in revision:...

Google Releases Security Updates for Chrome

Google has released Chrome version 97.0.4692.99 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as so...

Update on WhisperGate, Destructive Malware Targeting Ukraine – Threat Intelligence & Protections Update

Update on WhisperGate, Destructive Malware Targeting Ukraine – Threat Intelligence & Protections Update By Taylor Mullins, Mo Cashman and Raj Samani · January 20, 2022 Recent news reports of a “ransomware” campaign targeting Ukraine has resulted in significant press coverage regarding not only...

Oracle Critical Patch Update Advisory - January 2022

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

UBUNTU-CVE-2021-40571

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilstboxread function in boxcodeapple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges...

Night Sky: the new corporate ransomware demanding a sky high ransom

Theres a new ransomware in town—isnt there always?—and its, unsurprisingly, after corporation-sized businesses. Its called Night Sky, and it was first spotted and revealed by MalwareHunterTeam, a group on Twitter who hunts malware online, on the first day of 2022. First day of the year, and a new...

zeitarbeit-jobs-sachsen.de Cross Site Scripting vulnerability OBB-2326152

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...