11967 matches found
CVE-2019-5711
...
CVE-2019-5703
...
[SECURITY] Fedora 30 Update: kernel-5.4.12-100.fc30
The kernel meta package...
detectadblock.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1071096 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
geelongchamber.com.au Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1071062 Security Researcher metamorfosec Helped patch 1957 vulnerabilities Received 9 Coordinated Disclosure badges Received 31 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting geelongchamber.com.au...
golang-protobuf:jsonfuzz: Null-dereference READ with empty stacktrace
Detailed Report: https://oss-fuzz.com/testcase?key=5153923757506560 Project: golang-protobuf Fuzzing Engine: libFuzzer Fuzz Target: jsonfuzz Job Type: libfuzzerasangolang-protobuf Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: NULL Sanitizer: addre...
AntiCheat-Testing-Framework - Framework To Test Any Anti-Cheat
Framework to test any Anti-Cheat on the market. This can be used as Template or Code Base to test any Anti-Cheat and learn along the way. The entry level to reverse AntiCheats and Cheats is quite high, therefore, I'm realeasing all the code I developed during my research. The main idea is to help...
WordPress Plugin Time Capsule 1.21.16 - Authentication Bypass
Exploit Title: Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Date: 2020-01-16 Exploit Author: B. Canavate Vendor Homepage: https://wptimecapsule.com/ Software Link: https://wptimecapsule.com/ Version: Wordpress Time Capsule Plugin 1.21.16 Tested on: LAMP stack with most recent...
Foxit PDF Reader JavaScript field keystroke action remote code execution vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user t...
ammer.holdings Improper Access Control vulnerability
Open Bug Bounty ID: OBB-1067980 Security Researcher devl00p Helped patch 2581 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting ammer.holdings website a...
access.hardwoods-inc.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-1067941 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
Huawei GaussDB Detection (Linux/Unix SSH Login)
SSH login-based detection of Huawei GaussDB. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
genomichealthjobs.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1066031 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution Exploit (2)
Exploit for multiple platform in category web applications !/usr/bin/python3 Exploits the Citrix Directory Traversal Bug: CVE-2019-19781 You only need a listener like netcat to catch the shell. Shout out to the team: Rob Simon, Justin Elze, Logan Sampson, Geoff Walton, Christopher Paschen, Kevin...
EasyBook < 1.2.2 - Multiple Vulnerabilities
Multiple vulnerabilities was discovered in the 'EasyBook – Directory & Listing WordPress Theme', tested version — v1.2.1: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR December 27th, 2019 - Envato Contacted January 6th, 2020 - Envato Investigating January ??th, 2020 -...
mvca.k12.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1063454 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
CityBook < 2.3.4 - Multiple Vulnerabilities
Multiple vulnerabilities was discovered in the 'CityBook - Directory & Listing WordPress Theme', tested version — v2.3.3: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR Edit WPScanTeam: December 27h, 2019 - Envato Contacted January 6th, 2020 - Envato Investigating January...
CityBook < 2.3.4 - Multiple Vulnerabilities
Multiple vulnerabilities was discovered in the 'CityBook - Directory & Listing WordPress Theme', tested version — v2.3.3: - Unauthenticated Reflected XSS - Authenticated Persistent XSS - IDOR Edit WPScanTeam: December 27h, 2019 - Envato Contacted January 6th, 2020 - Envato Investigating January...
nl.mojacarestates.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1058649 Security Researcher devl00p Helped patch 2581 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting nl.mojacarestates.com...
CVE-2019-20276
...