247 matches found
auditor-v1
Web Security Auditor v2.0 Mini BurpSuite / OWASP ZAP hech...
IBM: Potential Subdomain Takeover on IBM.com domain.
A potential subdomain takeover on an IBM.com domain was reported to IBM, analyzed, and remediated...
EUVD-2017-5892
Malware in sbrugna...
EUVD-2022-0640
Malicious code in bioql PyPI...
EUVD-2024-47165
Malicious code in bioql PyPI...
Awesome-Bugbounty-Writeups
This is a curated list of bug bounty writeups, specifically focusing on various types of web application vulnerabilities. The repository is organized by vulnerability type, with sections for Cross-Site Scripting XSS, Cross-Site Request Forgery CSRF, Clickjacking, Local File Inclusion LFI, Subdoma...
CVE-2023-36474
Interactsh is an open-source tool for detecting out-of-band interactions. Domains configured with interactsh server prior to version 1.0.0 were vulnerable to subdomain takeover for a specific subdomain, i.e. app. Interactsh server used to create CNAME entries for app pointing to...
CVE-2024-5528
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...
BIT-GITLAB-2024-5528 Incomplete Comparison with Missing Factors in GitLab
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...
CVE-2024-5528
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...
UBUNTU-CVE-2024-5528
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...
CVE-2024-5528 Incomplete Comparison with Missing Factors in GitLab
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...
CVE-2024-5528
CVE-2024-5528 affects GitLab CE/EE: subdomain takeover in GitLab Pages. Affected versions are: all prior to 16.11.6; 17.0 prior to 17.0.4; and 17.1 prior to 17.1.2. The issue is fixed by upgrading to 16.11.6 or newer, 17.0.4 or newer, and 17.1.2 or newer, respectively (GitLab patch releases exist...
CVE-2024-5528
Removed by vendor...
CVE-2024-5528 Incomplete Comparison with Missing Factors in GitLab
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages...
Mozilla: Subdomain takeover on a subdomain under firefox.com
The subdomain ████ was vulnerable to a subdomain takeover due to its CNAME record pointing to a Fastly-hosted service that was not registered with Fastly. This allowed the researcher to claim and take control of the subdomain...
Mozilla: [ addons-preview-cdn.mozilla.net ] A subdomain takeover is available via unregistered domain in Fastly
The domain addons-preview-cdn.mozilla.net was found to CNAME resolve to addons.allizom.org, which was hosted on Fastly's service. The domain addons-preview-cdn.mozilla.net was not registered within Fastly, resulting in a "Fastly error: unknown domain" message. The vulnerability was demonstrated b...
GO-2022-0372 Subdomain Takeover in Interactsh server in github.com/projectdiscovery/interactsh
Subdomain Takeover in Interactsh server in github.com/projectdiscovery/interactsh...
FreeBSD : Gitlab -- vulnerabilities (acb4eab6-3f6d-11ef-8657-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the acb4eab6-3f6d-11ef-8657-001b217b3468 advisory. Gitlab reports: An attacker can run pipeline jobs as an arbitrary user Developer user with...
PT-2024-36503 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 16.11.6; GitLab CE/EE versions 17.0 through 17.0.3; GitLab CE/EE versions 17.1 through 17.1.1. Description: An issue was discovered in GitLab CE/EE which allows a subdomain takeover in GitLab Pages. Recommendations...