408 matches found
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
curl: CVE-2021-22876: Automatic referer leaks credentials
Summary: When using the --referer ';auto' feature the current URL is copied as-is to the referrer header of the subsequent request. The recommendation [1] is to strip these along with the URL fragment. I can imagine this may, in rare cases, result in unwanted/unexpected disclosure of credentials e....
Important: Red Hat Security Advisory: kpatch-patch security update
An update is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...
newbeginningsrestorationofbaltimore.com Cross Site Scripting vulnerability OBB-1446115
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
40.zazzfreebies.com Cross Site Scripting vulnerability OBB-1329191
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
c-sharpcorner.com Cross Site Scripting vulnerability OBB-1240749
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
threepeaks.com.tw Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-987227. Security Researcher KhanJanny (helped patch 3053 vulnerabilities; received 9 Coordinated Disclosure badges; received 38 recommendations), a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting threepeaks.com.tw website...
Security update for kconfig, kdelibs4 (important)
openSUSE Security Update: Security update for kconfig, kdelibs4. Announcement ID: openSUSE-SU-2019:1851-2. Rating: important. References: 1144600. Cross-References: CVE-2019-14744. Affected Products: openSUSE Backports SLE-15-SP1. An update that fixes one vulnerability is now available. Description: Th...
bac-frankfurt.com XSS vulnerability
Vulnerable URL: http://bac-frankfurt.com/index.php?tacoma=webpart.pages.BacPage=3202=3202&=%22%3E%3Csvg%3E%3Cscript%3E/%3C@/%3Eprompt/OPENBUGBOUNTY/%3C/script%3E Details: Patched: Yes, at 01.12.2017 | Latest check for patch: 01.12.2017 19:26 GMT | Vulnerability type: XSS...
alinesternphotography.com XSS vulnerability
Vulnerable URL:...
mybangvan.com XSS vulnerability
Vulnerable URL: http://mybangvan.com/tour/?nats=" Details: Patched: Yes, at | Vulnerability type: XSS | Vulnerability status: Publicly disclosed | Alexa Rank: 4332665 | VIP website status: No | Check mybangvan.com SSL connection: Grade: F | Coordinated Disclosure Timeline:...
Remote code execution from a writable share.
Description: All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Patch Availability: A patch addressing this defect has been...
denhelder.nl XSS vulnerability
Vulnerable URL: https://www.denhelder.nl/zoeken?query='"--!a="".constructor.prototype;a.charAt=a.trim;$eval"a,confirmOPENBUGBOUNTY,b"KNOXSS Details: Patched: Yes, at 16.08.2017 | Latest check for patch: 16.08.2017 09:34 GMT | Vulnerability type: XSS | Vulnerability status:...
dentaladres.com XSS vulnerability
Vulnerable URL: http://www.dentaladres.com/index.php?do=catalog/results=%3C/script%3E%3Cscript%3Ealert%28%22OPENBUGBOUNTY%22%29%3C/script%3E Details: Patched: Yes, at 28.07.2017 | Latest check for patch: 28.07.2017 14:20 GMT | Vulnerability type: XSS | Vulnerability status...
Microsoft Windows (x86) - 'afd.sys' Local Privilege Escalation (MS11-046)
Exploit Title: Windows x86 all versions AFD privilege escalation MS11-046. Date: 2016-10-16. Exploit Author: Tomislav Paskalev. Vulnerable Software: Windows XP SP3 x86, Windows XP Pro SP2 x64, Windows Server 2003 SP2 x86, Windows Server 2003 SP2 x64, Windows Server 2003 SP2 Itanium-based Systems, Windo...
greymouthpetroleum.co.nz XSS vulnerability
Vulnerable URL: http://www.greymouthpetroleum.co.nz/signup.php?company="=Truck Driver=2016-05-13=2016-05-13 17:01:58=No Details: Patched: Yes, at 16.07.2017 | Latest check for patch: 16.07.2017 22:50 GMT | Vulnerability type: XSS | Vulnerability status: Publicly disclosed...
dinfiol.se XSS vulnerability
Vulnerable URL: http://dinfiol.se/index.asp?lang=en" Details: Patched: No | Latest check for patch: 27.07.2017 | Vulnerability type: XSS | Vulnerability status: Publicly disclosed | Alexa Rank: 13372761 | VIP website status: No | Check dinfiol.se SSL connection: Grade: F...
aleitamento.com.br XSS vulnerability
Vulnerable URL: http://www.aleitamento.com.br/busca/default.asp?q=Pai" Details: Patched: No | Latest check for patch: 27.07.2017 | Vulnerability type: XSS | Vulnerability status: Publicly disclosed | Alexa Rank: 12432060 | VIP website status: No | Check aleitamento.com.br SSL...
ebi.ac.uk XSS vulnerability
Vulnerable URL: http://www.ebi.ac.uk/ols/v2/browse.do?ontName=%22%3E%3Cimg%20src=x%20onerror=prompt%28/OPENBUGBOUNTY/%29%3E Details: Patched: Yes, at | Vulnerability type: XSS | Vulnerability status: Publicly disclosed | Alexa Rank: 27018 | VIP website status: Yes | Check...
secure.emp-shop.no XSS vulnerability
Vulnerable URL: https://secure.emp-shop.no/loglogin/%22';prompt'XSSPOSED';a='/ Details: Patched: Yes, at | Vulnerability type: XSS | Vulnerability status: Publicly disclosed | Alexa Rank: 529476 | Google Pagerank: 0 | VIP website status: No | Check secure.emp-shop.no SSL...