22 matches found
ios-26-activation-research
iOS 26 Activation Lock -- Documented Vulnerabilities Document...
Wordfence Intelligence Weekly WordPress Vulnerability Report (December 2, 2024 to December 8, 2024)
Time to wrap up this year and kick-off the new year with a bang! We’re wrapping up the year with our End of Year Holiday Extravaganza, High-Risk Bonus Blitz Challenge, and Superhero Challenge for the Wordfence Bug Bounty Program. Through January 6th, 2025: All in-scope vulnerability types for...
Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security
Apple has publicly made available its Private Cloud Compute (PCC) Virtual Research Environment (VRE), allowing the research community to inspect and verify the privacy and security guarantees of its offering. PCC, which Apple unveiled earlier this June, has been marketed as the "most advanced securit...
liz-am-bsz-steyr.webopac.at Cross Site Scripting vulnerability OBB-3490645
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
lautenbach.nl Cross Site Scripting vulnerability OBB-2435329
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
TikTok: Information Leakage via TikTok Ads Web Cache Deception
A theoretical web cache deception vulnerability was found on TikTok Ads, that could have resulted in information leakage if clicked on by an authenticated user. We thank @arifmkhls for reporting this to our team and confirming its resolution...
Exploit for Use After Free in Google Chrome
CVE-2021-30573-PoC-Google-Chrome Google Chrome Use After Free...
Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days
Apple on Thursday released security updates to fix multiple security vulnerabilities in older versions of iOS and macOS that it says have been detected in exploits in the wild, in addition to expanding patches for a previously plugged security weakness abused by NSO Group's Pegasus surveillance...
root.moskva.pizzapomodoro.ru Open Redirect vulnerability
Open Bug Bounty ID: OBB-1152882 | Security Researcher Gh05tPT (helped patch 6892 vulnerabilities; received 10 Coordinated Disclosure badges; received 48 recommendations), a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting...
lifeinsurance.ru Open Redirect vulnerability
Open Bug Bounty ID: OBB-1152707 | Security Researcher Gh05tPT (helped patch 6892 vulnerabilities; received 10 Coordinated Disclosure badges; received 48 recommendations), a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting lifeinsurance.ru website...
Microsoft Offers $30K Rewards For Chromium Edge Beta Flaws
Microsoft is calling on researchers to help sniff out any security glitches in the beta version of its new Chromium-based Edge browser before officially pushing it live. The tech company has been working to build a new version of Edge based on Google’s open-source Chromium code, as opposed to its...
steeplejacks.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-713244 | Affected Website: steeplejacks.co.uk | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: hidden until disclosure | Vulnerability Type: XSS Cross Site Scripting / CWE-79 | CVSSv3 Score: hidd...
bsc-eoc.org XSS vulnerability
Open Bug Bounty ID: OBB-667334 | Affected Website: bsc-eoc.org | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS Cross Site Scripting / CWE-79 | CVSSv3 Score: 6.1...
avguk.cleverbridge.com Open Redirect vulnerability
Open Bug Bounty ID: OBB-655514 | Affected Website: avguk.cleverbridge.com | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: Open Redirect / CWE-601 | CVSSv3 Score: 3.4...
youmail.com XSS vulnerability
Open Bug Bounty ID: OBB-641541 | Affected Website: youmail.com | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: hidden until disclosure | Vulnerability Type: XSS Cross Site Scripting / CWE-79 | CVSSv3 Score: hidden unti...
ipe.rs.gov.br XSS vulnerability
Open Bug Bounty ID: OBB-622108 | Affected Website: ipe.rs.gov.br | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS Cross Site Scripting / CWE-79 | CVSSv3 Score: 6.1...
pirateaccess.xyz XSS vulnerability
Open Bug Bounty ID: OBB-463323 | Affected Website: pirateaccess.xyz | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS Cross Site Scripting / CWE-79 | CVSSv3 Score: 6.1...
iservices.pt XSS vulnerability
Open Bug Bounty ID: OBB-253395 | Affected Website: iservices.pt | Open Bug Bounty Program: Create your bounty program now. It's open and free. | Vulnerable Application: Custom Code | Vulnerability Type: XSS Cross Site Scripting / CWE-79 | CVSSv3 Score: 6.1...
Office 365 security researchers: Double your bounties March-May 2017
Microsoft strives to protect our customers and we’re constantly improving our security posture to meet their needs. We realize the desire of researchers and customers to security test our services to ensure they can trust us and our solutions. We also believe that if a researcher informs us of a...
[Responsible disclosure] How I could have removed all your Facebook notes
Note: This is being published with the permission of Facebook under the responsible disclosure policy. The vulnerability is now fixed. Summary: This blog post is about an Insecure direct object reference vulnerability in Facebook Notes using which an attacker could have removed all your notes just b...