722 matches found
smanuals.com Cross Site Scripting vulnerability OBB-3714774
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Withdrawn Advisory: Mobile Security Framework (MobSF) Vulnerable to Insecure Permissions
Withdrawn Advisory This advisory has been withdrawn because the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example, use a reverse proxy server...
GHSA-CC8J-6PHR-JV9X Withdrawn Advisory: Mobile Security Framework (MobSF) Vulnerable to Insecure Permissions
Withdrawn Advisory This advisory has been withdrawn because the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example, use a reverse proxy server...
CVE-2023-42261
Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...
PYSEC-2023-310
Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...
PYSEC-2023-310
Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...
CVE-2023-42261
Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...
Mobile Security Framework Security Vulnerability
Mobile Security Framework MobSF is Mobile Security Framework open source an automated all-in-one mobile application . Used for penetration testing, malware analysis and security assessments, it is capable of performing both static and dynamic analysis. A security vulnerability exists in Mobile...
CVE-2023-42261
CVE-2023-42261 affects Mobile Security Framework (MobSF)
PT-2023-28302 · Unknown · Mobile Security Framework
Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions =3.7.8 Beta Description: The issue is related to Insecure Permissions. The vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted...
wander-bahnhoefe-brandenburg.de Cross Site Scripting vulnerability OBB-3687498
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
USN-6352-1: Apache Shiro vulnerabilities
It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions. CVE-2020-13933, CVE-2020-17510...
CVE-2023-41050 Information disclosure through Python's "format" functionality in Zope AccessControl
AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use...
CVE-2023-41050
CVE-2023-41050 concerns Zope’s AccessControl. The issue arises when Python’s format functionality can cause format strings to access objects recursively via normal getattr/getitem, bypassing restricted variants and leading to information disclosure. Affected are scenarios where untrusted users ca...
CVE-2023-41050 Information disclosure through Python's "format" functionality in Zope AccessControl
AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use...
Exposure of Sensitive Information to an Unauthorized Actor
AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use...
multiland.cz Cross Site Scripting vulnerability OBB-3593762
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Cyber Signals: Sporting events and venues draw cyberthreats at increasing rates
Today we released the fifth edition of Cyber Signals, spotlighting threats to large venues, and sporting and entertainment events, based on our learnings and telemetry from delivering cybersecurity support to critical infrastructure facilities during the State of Qatar’s hosting of the FIFA World...
msjanitorialservices.com Cross Site Scripting vulnerability OBB-3566042
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
autolife.se Cross Site Scripting vulnerability OBB-3556537
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...