virno.it Cross Site Scripting vulnerability OBB-3558569

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Unleash Spring apps in a flex environment with Azure Spring Apps Consumption and Dedicated plans

In March, we introduced the Consumption pricing plan for Azure Spring Apps allowing you to start from zero and scale to zero vCPU. Today, we are thrilled to announce the public preview of the Standard Dedicated plan! The Standard Dedicated plan provides a fully managed, dedicated environment for...

Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs

The second generation version of Belkin's Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely. The issue, assigned the identifier CVE-2023-27217, was discovered and reported to Belkin on...

martincleis.de Cross Site Scripting vulnerability OBB-3265323

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

civilization.org.pl Cross Site Scripting vulnerability OBB-3250924

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Ransomware attacks targeting VMware ESXi servers: everything you need to know

Recent attacks leverage CVE-2021-21974 to install ransomware on VMWare ESXi servers. Security teams are advised to patch and stay vigilant for indicators of compromise...

uepg.br Cross Site Scripting vulnerability OBB-3116258

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

tottyrealty.com Cross Site Scripting vulnerability OBB-3104434

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

faxinal.sc.gov.br Cross Site Scripting vulnerability OBB-2625255

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

How We’re Protecting Customers & Staying Ahead of CVE-2021-44228

CVE-2021-44228 is a high profile vulnerability impacting multiple versions of a widely distributed Java software component, Apache Log4j 2. The specific vulnerability allows for unauthenticated remote code execution. For additional technical information, the team at LunaSec has an excellent...

New Mac malware raises more questions about Apple’s security patching

Apples reputation on security has been taking a beating lately. As mentioned in some of our previous coverage, security researcher Joshua Long recently shone a light on problems with Apples security patching strategy. His findings showed a shocking number of cases where Apple patched a...

Security Bulletin: Public disclosed vulnerability from OpenSSL affects IBM Netezza Host Management

Summary OpenSSL is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERALNAMEcmp function contain ...

Security Bulletin: Publicly disclosed vulnerabilities from Bind affect IBM Netezza Host Management

Summary Bind is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-25215 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure while answering queries for DNAME records. By...

WooCommerce Pricing Plugin Allows Malicious Code-Injection

A pair of security vulnerabilities in the WooCommerce Dynamic Pricing and Discounts plugin from Envato could allow unauthenticated attackers to inject malicious code into websites running unpatched versions. This can result in a variety of attacks, including website redirections to phishing pages...

All Vulnerabilities for moodle.chnu.edu.ua Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Security Bulletin: tzdata has been updated to tzdata-2020d to address Fiji and Palestine time zone changes

Summary tzdata is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed Fiji and Palestine time zone changes Vulnerability Details Third Party Entry: 192369 DESCRIPTION: tzdata package for Debian Unspecified CVSS Base score: 5.3 CVSS Temporal Score: See:...

Security Bulletin: Publicly disclosed vulnerability from Bind affects IBM Netezza Host Management

Summary Bind is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-8622 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure when attempting to verify a truncated response t...

chinafortune.org.hk Cross Site Scripting vulnerability OBB-1406172

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Security Bulletin: Publicly disclosed vulnerability from Qemu affects IBM Netezza Host Management

Summary Open Source Qemu is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-14364 DESCRIPTION: Xen could allow a local attacker to gain elevated privileges on the system, caused by an out-of-bounds read/write...

koratech.co.kr Cross Site Scripting vulnerability OBB-1390979

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...