usapaint.co.kr Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1057232. Security researcher error404 (helped patch 526 vulnerabilities, received 8 Coordinated Disclosure badges, received 20 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting usapaint.co.kr website and...
Sony Playstation 4 (PS4) 6.72 - WebKit Code Execution (PoC)
Sony Playstation 4 PS4 6.72 - WebKit Code Execution PoC / badhoist. Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older firmware versions, but I am not sure. Bug was fixed in firmwar...
CVE-2019-4997
...
CVE-2019-4999
CVE-2019-4999 entry is rejected/not used and does not represent an active vulnerability.
CVE-2019-4957
...
CVE-2019-4933
...
CVE-2019-4823
...
CVE-2019-4839
...
CVE-2019-4825
...
CVE-2019-4828
...
CVE-2019-4763
...
Exploit for Code Injection in Vbulletin
Mass-Pwn-vBulletin Identify vulnerable RCE vBulletin 5.0.0 -...
silvertentacle.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1051963. Security researcher howardpotts (helped patch 258 vulnerabilities, received 3 Coordinated Disclosure badges, received 1 recommendation), a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting silvertentacle.com websi...
CVE-2019-16781 Stored cross-site scripting (XSS) in WordPress block editor
In WordPress before 5.3.1, authenticated users with lower privileges like contributors can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS...
Chinese Hackers Bypassing Two-Factor Authentication
Interesting story of how a Chinese state-sponsored hacking group is bypassing the RSA SecurID two-factor authentication system. How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese...
The Decade Big-Money Email Scams Took Over
In the last few years, the "Nigerian prince" scams have gotten a major upgrade...
CVE-2019-5566
...
CVE-2019-5569
...
CVE-2019-5552
...
Red Hat JBoss Enterprise Application Platform 7.x < 7.2.5 Multiple Vulnerabilities
The version of Red Hat JBoss Enterprise Application Platform EAP installed on the remote host is 7.x prior to 7.2.5. It is, therefore, affected by multiple vulnerabilities as referenced in the RHSA-2019:4021 advisory: - undertow: HTTP/2: large amount of data requests leads to denial of service...