Magento Open Source Security Advisory: Patch SUPEE-10975

Magento Commerce 1.14.4.0 and Open Source 1.9.4.0 have been enhanced with critical security updates to address multiple vulnerabilities, including remote code execution RCE, cross-site scripting XSS, cross-site request forgery CSRF, and more. The following issues have been identified and...

wilsdomain.com Cross Site Scripting vulnerability OBB-3927758

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ashraem.confex.com Cross Site Scripting vulnerability OBB-3927664

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield

With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational system...

Get Weekends Back: Put Chrome CVEs like CVE-2024-5274 on Auto-Patching

On May 9th, Google released an emergency update for its Chrome browser to patch a critical zero-day vulnerability, CVE-2024-4671. The "use after free" vulnerability affects the Visuals component of Chrome, which is responsible for rendering and displaying content. CVE-2024-4671 was identified and...

circle.youthop.com Cross Site Scripting vulnerability OBB-3927010

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

lawlincs.co.uk Cross Site Scripting vulnerability OBB-3926577

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

dleex.com Cross Site Scripting vulnerability OBB-3926314

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

RLSA-2024:1687 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTT...

Verizon’s 2024 DBIR Unpacked: From Ransomware Evolution to Supply Chain Vulnerabilities

As we delve into cybersecuritys complex and evolving landscape, the Verizon 2024 Data Breach Investigations Report DBIR offers crucial insights into the mechanisms and motives behind the latest wave of cyberattacks. Qualys is once again proud to contribute to the report, helping to dissect these...

tuttonapoli.net Cross Site Scripting vulnerability OBB-3925241

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

grub2 security update

2.02-0.87.0.26.el7.14 - Replace bugzilla.oracle.com reference Orabug: 35477723 - Backport kernel EFI allocation pacthes Orabug: 34301086 - Add to the list CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 JIRA: OLDIS-16371 - bump SBAT generation JIRA:...

tcmlondon.com Cross Site Scripting vulnerability OBB-3924904

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

peridos.nl Improper Access Control vulnerability OBB-3924044

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

forever-florist-macau.com Cross Site Scripting vulnerability OBB-3923890

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

outfits24.de Cross Site Scripting vulnerability OBB-3923831

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

piriya-international.com Cross Site Scripting vulnerability OBB-3923731

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

mrrogerswindows.com Cross Site Scripting vulnerability OBB-3923577

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

nsvertragingen.nl Improper Access Control vulnerability OBB-3923285

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

musicplusacademy.nl Improper Access Control vulnerability OBB-3923161

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...