Twitter Scammers Stole $1,000 From My Friend—So I Hunted Them Down

After scammers duped a friend with a hacked Twitter account and a “deal” on a MacBook, I enlisted the help of a fellow threat researcher to trace the criminals’ offline identities...

July 26, 2023—KB5028254 (OS Build 22621.2070) Preview

July 26, 2023—KB5028254 OS Build 22621.2070 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate to fi...

Whatsapp-Chat-Exporter has Cross-Site Scripting vulnerability in HTML output of chats.

Impact A Cross-Site Scripting XSS vulnerability was found in the HTML output of chats. XSS is intended to be mitigated by Jinja's escape function. However, autoescape=True was missing when setting the environment. Although the actual impact is low, considering the HTML file is being viewed offlin...

Hacks Against Ukraine's Emergency Response Services Rise During Bombings

Data from Cloudflare's free digital defense service, Project Galileo, illuminates new links between online and offline attacks...

CVE-2023-34407

OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL...

CVE-2023-34407

OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL...

CVE-2023-34407

OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL...

Directory traversal

OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL...

CVE-2023-34407

OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL...

Harbinger Offline Player 路径遍历漏洞

Harbinger Offline Player is Harbinger's seamless and highly secure way to access training content without the need for a constant Internet connection. A security vulnerability exists in Harbinger Offline Player version 4.0.6.0.2, which stems from OfflinePlayerService.exe allowing directory...

CVE-2023-34407

OfflinePlayerService.exe in Harbinger Offline Player 4.0.6.0.2 allows directory traversal as LocalSystem via ..\ in a URL...

PT-2023-24859 · Unknown · Harbinger Offline Player

Name of the Vulnerable Software and Affected Versions: Harbinger Offline Player version 4.0.6.0.2 Description: The issue allows directory traversal as LocalSystem via .. in a URL. This can be exploited in OfflinePlayerService.exe. Recommendations: For Harbinger Offline Player version 4.0.6.0.2,...

CVE-2023-34407

The CVE-2023-34407 entry affects Harbinger Offline Player 4.0.6.0.2, specifically OfflinePlayerService.exe, which allows directory traversal via ..\ in a URL. Reported impact is confidentiality loss (C: High) with no impact to integrity or availability, and CVSSv3.1 base score 7.5 (NETWORK, LOW c...

CVE-2023-25750

Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox 111...

Design/Logic Flaw

Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox 111...

CVE-2023-25750

CVE-2023-25750 describes an information disclosure in Mozilla Firefox where, under certain conditions, a ServiceWorker offline cache could leak to the file system when private browsing is used. Affected product: Firefox versions older than 111. Root cause details in the connected docs point to le...

CVE-2023-25750

Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox 111...

CVE-2023-25750

Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox 111...

CVE-2023-25750

Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox 111...

offline-online.ch Cross Site Scripting vulnerability OBB-3347346

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...