11967 matches found
CVE-2019-18491
...
Amazon Linux AMI : patch (ALAS-2019-1312)
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter. CVE-2018-20969 GNU patch through 2.7.6 is vulnerable to OS shell...
CVE-2017-9688
...
machinery-trader.nl Open Redirect vulnerability
Security Researcher Elicx Helped patch 30 vulnerabilities Received 2 Coordinated Disclosure badges, a holder of 2 badges for responsible and coordinated disclosure, found a security vulnerability affecting machinery-trader.nl website and its users. Following coordinated and responsible...
caltechcampuspubs.library.caltech.edu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1001151 Security Researcher error404 Helped patch 533 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations, a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting...
microlab.at Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1001110 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
Joomla! 3.4.6 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Joomla! 3.4.6 - Remote Code Execution Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo Vendor Homepage: https//www.joomla.it/ Software Link: https://downloads.joomla.org/it/cms/joomla3/3-4-6 Version: 3.0.0 --...
topcon-medical.ru Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-995906 Security Researcher metamorfosec Helped patch 1976 vulnerabilities Received 9 Coordinated Disclosure badges Received 32 recommendations, a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting topcon-medical.ru...
Wordpress Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\soliloquy-lite" Exploit Author: Unk9vvN Vendor Homepage: https://soliloquywp.com/ Software Link:...
acebizventures.com Improper Access Control vulnerability
Security Researcher Gh05tPT Helped patch 6844 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations, a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting acebizventures.com website and its users. Following...
[SECURITY] Fedora 30 Update: jackson-annotations-2.10.0-1.fc30
Core annotations used for value types, used by Jackson data-binding package...
3ddesign.e-monsite.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-989233 Security Researcher Gh05tPT Helped patch 6873 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations, a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting 3ddesign.e-monsite.com...
Joomla 3.4.6 Remote Code Execution
Exploit Title: Joomla 3.4.6 - 'configuration.php' Remote Code Execution Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo @Hacktive Security Vendor Homepage: https//www.joomla.it/ Software Link: https://downloads.joomla.org/it/cms/joomla3/3-4-6 Version: 3.0.0 -- 3.4.6 Tested on:...
Fedora 31 : python38 (2019-d11594bf0a)
This is a beta preview of Python 3.8 Python 3.8 is still in development. This release, 3.8.0b4 is the last of four planned beta release previews. Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to...
Joomla! 3.4.6 - 'configuration.php' Remote Code Execution
Exploit Title: Joomla 3.4.6 - 'configuration.php' Remote Code Execution Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo @Hacktive Security Vendor Homepage: https//www.joomla.it/ Software Link: https://downloads.joomla.org/it/cms/joomla3/3-4-6 Version: 3.0.0 -- 3.4.6 Tested on:...
RUSTSEC-2019-0030 Incorrect implementation of the Streebog hash functions
Internal update-sigma function was implemented incorrectly and depending on debug-assertions it could've caused an incorrect result or panic for certain inputs...
apripleyandco.co.uk Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-985389 Security Researcher Sameull Helped patch 272 vulnerabilities Received 3 Coordinated Disclosure badges, a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting apripleyandco.co.uk website and its users. Following...
Tellion TE01-005H HomeHub Router Remote Configuration Disclosure
!/usr/bin/perl -w Tellion TE01-005H HomeHub Router Remote Configuration Disclosure Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todor Donev is not liabl...
institucional.hcdiputados-ba.gov.ar Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-982251 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
CVE-2019-9252
In libavc there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-73339042...