maisoncultureinnue.com Improper Access Control vulnerability OBB-3804445

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Adobe Coldfusion vulnerability used in attacks on government servers

The Cybersecurity and Infrastructure Security Agency CISA put out a Cybersecurity Advisory CSA to alert government agencies about cybercriminals using a vulnerability in Adobe Coldfusion to gain initial access to servers. Adobe ColdFusion is a platform for building and deploying web and mobile...

leportdelimeuil.com Improper Access Control vulnerability OBB-3803652

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

jordansresidence.com Improper Access Control vulnerability OBB-3802111

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

glugulp.com Improper Access Control vulnerability OBB-3800172

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Null pointer dereference

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or loadderpkcs7certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service...

dereformaenalicante.com Improper Access Control vulnerability OBB-3797184

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

compliancerecruitment.com Improper Access Control vulnerability OBB-3796134

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

101civitasurso.com Improper Access Control vulnerability OBB-3791129

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Path traversal

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact...

palmvale.com.au Improper Access Control vulnerability OBB-3782737

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

raysa.com.ar Improper Access Control vulnerability OBB-3781321

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Security update for jhead (moderate)

openSUSE Security Update: Security update for jhead Announcement ID: openSUSE-SU-2023:0371-1 Rating: moderate References: 1207150 Cross-References: CVE-2022-41751 CVSS scores: CVE-2022-41751 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP5 An...

CVE-2023-47630 Attacker can cause Kyverno user to unintentionally consume insecure image

Kyverno is a policy engine designed for Kubernetes. An issue was found in Kyverno that allowed an attacker to control the digest of images used by Kyverno users. The issue would require the attacker to compromise the registry that the Kyverno users fetch their images from. The attacker could then...

thomasmuenz.de Improper Access Control vulnerability OBB-3780308

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2023-7370 · Adobe · After Effects

Name of the Vulnerable Software and Affected Versions: Adobe After Effects versions 24.0.2 and earlier Adobe After Effects versions 23.6 and earlier Description: The issue is related to an out-of-bounds read vulnerability in Adobe After Effects when parsing a crafted file. This could result in a...

PT-2023-6942

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the November 2023 patch Description A security-feature bypass vulnerability in Microsoft Windows SmartScreen allows attackers to bypass security measures, potentially leading to the execution of malicious...

fernandobuscaglia.com.ar Improper Access Control vulnerability OBB-3779750

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CLSA-2023-1699908139 exim: Fix of CVE-2022-3559

CVE-2022-3559: Fix $regex use-after-free...

darrylmappin.com Cross Site Scripting vulnerability OBB-3774447

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...