165 matches found
scotttruemd.com Cross Site Scripting vulnerability OBB-3230834
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Cracking the code in the boardroom
Former FBI Special Agent, Scott Augenbaum talks about how CISOs can successfully communicate with the board to implement more preventative protection...
IdentityModel 安全漏洞
Scott Brady IdentityModel is a Scott Brady open source application. A library of helper programs for tokens and encryption. A security vulnerability exists in IdentityModel before 1.3.0, which can be exploited by an attacker to modify and forge authentication tokens...
rannochscott.co.uk Cross Site Scripting vulnerability OBB-1398814
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
GHSA-JP46-FW6C-3PM9 Directory Traversal in scott-blanch-weather-app
Affected versions of scott-blanch-weather-app resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...
Directory Traversal in scott-blanch-weather-app
Affected versions of scott-blanch-weather-app resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...
Who’s Behind the ‘Web Listings’ Mail Scam?
In December 2018, KrebsOnSecurity looked at how dozens of U.S. political campaigns, cities and towns had paid a shady company called Web Listings Inc. after receiving what looked like a bill for search engine optimization SEO services rendered on behalf of their domain names. The story concluded...
Top 5 Reasons to Attend Qualys Security Conference 2020 San Francisco
Are you interested in exploring the profound impact of digital transformation on the security industry, and how that impact affects practitioners? Are you planning to be in San Francisco during RSA Conference week? If yes, join us at Qualys Security Conference 2020 San Francisco on February 25!...
scottmcguire.ca Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1088888 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
scott-blanch-weather-app path traversal vulnerability
scott-blanch-weather-app is a Node.js weather app built with Express. A path traversal vulnerability exists in scott-blanch-weather-app. An attacker can exploit this vulnerability by placing a '... /' sequence in the URL to gain access to the file system...
CVE-2017-16184
scott-blanch-weather-app is a sample Node.js app using Express 4. scott-blanch-weather-app is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...
Important: Red Hat Security Advisory: Red Hat Satellite 6 security, bug fix, and enhancement update
An update is now available for Red Hat Satellite 6.2 for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
Motherboard Digital Security Guide
This digital security guide by Motherboard is very good. I put alongside EFF's "Surveillance Self-Defense" and John Scott-Railton's "Digital Security Low Hanging Fruit." There's also "Digital Security and Privacy for Human Rights Defenders." There are too many of these...
scott-montevideo.com.uy XSS vulnerability
Vulnerable URL: http://www.scott-montevideo.com.uy/prod.php?cat=11%27%22%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 27.11.2017 Latest check for patch:| 27.11.2017 21:39 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...
Directory Traversal
Overview Affected versions of scott-blanch-weather-app resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the...
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129) Exploit
Exploit for windows platform in category dos / poc !-- Source: http://www.security-assessment.com/files/documents/advisory/edgechakramemcorruption.pdf Name: Microsoft Edge Scripting Engine Memory Corruption Vulnerability MS16-129 CVE: CVE-2016-7202 Vendor Website: http://www.microsoft.com/ Date...
Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.0.3 Service Pack 1 security update
Updated packages that provide Red Hat JBoss Web Server 3.0.3 Service Pack 1 and fixes two security issues and a bug with ajp processors are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...
Important: Red Hat Security Advisory: Red Hat JBoss Web Server 3.0.3 Service Pack 1 security update
Updated packages that provide Red Hat JBoss Web Server 3.0.3 Service Pack 1 and fixes two security issues and a bug with ajp processors are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...