2754 matches found
CVE-2021-43786 API token verification can be bypassed
Nodebb is an open source Node.js based forum software. In affected versions incorrect logic present in the token verification step unintentionally allowed master token access to the API. The vulnerability has been patch as of v1.18.5. Users are advised to upgrade as soon as possible...
PT-2021-7057 · Anker · Anker Eufy Homebase 2
Name of the Vulnerable Software and Affected Versions: Anker Eufy Homebase 2 version 2.1.6.9h Description: An authentication bypass issue exists in the get aes key info by packetid function of the home security binary. This is due to a limited number of possible random values. An attacker can...
Windows Installer vulnerability becomes actively exploited zero-day
Sometimes the ways in which malicious code gets in the hands of cybercriminals is frustrating for those in the industry, and incomprehensible to those on the outside. A quick summary of the events in the history of this exploit: A researcher found a flaw in Windows Installer that would allow an...
All Vulnerabilities for qpl.dot.ga.gov Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| qpl.dot.ga.gov ---|--- Open Bug Bounty...
All Vulnerabilities for partnerweb16dev.usda.gov Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2021-5121
Name of the Vulnerable Software and Affected Versions Microsoft Windows Server versions prior to the patchday that contains the fix for the vulnerability Description The issue is related to an elevation-of-privilege vulnerability in Microsoft Active Directory Domain Services. This vulnerability i...
thewilsonfoundation.org.uk Improper Access Control vulnerability OBB-2227898
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
OPENSUSE-SU-2021:1439-1 Security update for transfig
This update for transfig fixes the following issues: Update to fig2dev version 3.2.8 Patchlevel 8b Aug 2021 - bsc1190618, CVE-2020-21529: stack buffer overflow in the bezierspline function in genepic.c. - bsc1190615, CVE-2020-21530: segmentation fault in the readobjects function in read.c. -...
mytraffictickets.com Improper Access Control vulnerability OBB-2220396
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CLSA-2021-1635459139 Fix CVE(s): CVE-2018-6323, CVE-2017-8421, CVE-2017-15024, CVE-2017-15025, CVE-2017-15022, CVE-2017-15020, CVE-2017-15021, CVE-2017-15225, CVE-2018-18483, CVE-2017-15996, CVE-2018-18484, CVE-2017-12799, CVE-2017-16831, CVE-2017-16832, CVE-2018-1000876, CVE-2018-7208, CVE-2019-14250, CVE-2017-12967, CVE-2019-9075, CVE-2017-17080, CVE-2019-9074, CVE-2018-17794, CVE-2017-17125, CVE-2017-17124, CVE-2017-17121, CVE-2017-6969, CVE-2017-17123, CVE-2018-17358, CVE-2017-6965, CVE-2017-6966, CVE-2018-12641, CVE-2018-8945, CVE-2017-7299, CVE-2018-12699, CVE-2018-10372, CVE-2018-10373, CVE-2019-17451, CVE-2019-17450, CVE-2018-18701, CVE-2018-18700, CVE-2017-7210, CVE-2018-20623, CVE-2017-15938, CVE-2017-15939, CVE-2017-9039, CVE-2017-9038, CVE-2017-14940, CVE-2018-17985, CVE-2018-12700, CVE-2017-9742, CVE-2017-9745, CVE-2017-9744, CVE-2017-9747, CVE-2017-7209, CVE-2017-9749, CVE-2017-9748, CVE-2018-9138, CVE-2017-16828, CVE-2017-16827, CVE-2017-16826, CVE-2017-7614, CVE-2018-6759, CVE-2016-4491, CVE-2017-9044, CVE-2017-9746, CVE-2017-9042, CVE-2017-9040, CVE-2017-9041, CVE-2017-9752, CVE-2017-9753, CVE-2017-9750, CVE-2017-9751, CVE-2017-9756, CVE-2016-4493, CVE-2017-9754, CVE-2017-9755, CVE-2016-4492, CVE-2018-19932, CVE-2017-12458, CVE-2017-12459, CVE-2018-18606, CVE-2018-18607, CVE-2018-18605, CVE-2017-12452, CVE-2017-12453, CVE-2017-12450, CVE-2017-12451, CVE-2017-12456, CVE-2016-4490, CVE-2017-12454, CVE-2017-12455, CVE-2019-14444, CVE-2016-2226, CVE-2017-7224, CVE-2017-7225, CVE-2017-7226, CVE-2017-7227, CVE-2018-18309, CVE-2017-7223, CVE-2017-12449, CVE-2017-12448, CVE-2016-4488, CVE-2016-4489, CVE-2018-17359, CVE-2016-4487, CVE-2018-20671, CVE-2018-20002, CVE-2017-14128, CVE-2017-14129, CVE-2018-7568, CVE-2018-7569, CVE-2017-7302, CVE-2017-7301, CVE-2017-7300, CVE-2018-12934, CVE-2017-8394, CVE-2018-7643, CVE-2018-7642, CVE-2018-17360, CVE-2019-12972, CVE-2018-13033, CVE-2018-19931, CVE-2018-10534, CVE-2018-10535, CVE-2019-9077, CVE-2019-9071, CVE-2019-9070, CVE-2019-9073, CVE-2017-14333, CVE-2018-12698, CVE-2017-14130, CVE-2018-12697, CVE-2018-6543, CVE-2017-9954, CVE-2017-12457, CVE-2017-14939, CVE-2017-14938, CVE-2017-14932, CVE-2017-14930, CVE-2017-8398, CVE-2017-8393, CVE-2017-8395, CVE-2017-14529, CVE-2017-8397, CVE-2017-8396, CVE-2017-13710, CVE-2016-6131
SECURITY UPDATE: - CVE-.patch: backported many upstream patches to fix security issues. - CVE-2016-2226, CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131, CVE-2016-4491, CVE-2017-6965, CVE-2017-6966, CVE-2017-6969, CVE-2017-7209, CVE-2017-721...
redistributioncenter.org Improper Access Control vulnerability OBB-2209240
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
All Vulnerabilities for carscoops.com Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| carscoops.com ---|--- Open Bug Bounty...
tabletcim.com Improper Access Control vulnerability OBB-2202172
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
onlineunlocks.com Improper Access Control vulnerability OBB-2198702
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CLSA-2021-1634922397 Fixed CVE-2020-8284 in curl
trusting FTP PASV responses CVE-2020-8284...
PT-2021-7628 · Ncurses +8 · Ncurses +8
Name of the Vulnerable Software and Affected Versions: ncurses versions 6.3 through 6.3 before patch 20220416 Description: The issue is related to an out-of-bounds read and segmentation violation in the convert strings function in tinfo/read entry.c within the terminfo library. This can allow an...
CVE-2021-40991
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager versions: ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released...
gerbangkurikulum.sma.kemdikbud.go.id Cross Site Scripting vulnerability OBB-2157847
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
jira.oakley.com Cross Site Scripting vulnerability OBB-2154001
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
All Vulnerabilities for cdaction.pl Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| cdaction.pl ---|--- Open Bug Bounty...