EUVD-2023-57358

Malicious code in bioql PyPI...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking remotely at the Sektor 3.0 Festival in Warsaw, Poland, May 21-22, 2025. The list is maintained on this page...

warsaw.org.il Improper Access Control vulnerability OBB-3837386

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-5012

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

Design/Logic Flaw

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

CVE-2023-5012 Topaz OFD Protection Module Warsaw core.exe unquoted search path

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

CVE-2023-5012

The CVE-2023-5012 issue affects Topaz OFD version 2.11.0.201, specifically the Warsaw Protection Module core.exe component located under C:\Program Files\Topaz OFD\Warsaw\core.exe. The root cause is an unquoted search path, enabling local attacker access. There is no indication of remote exploita...

Topaz Labs OFD Code Issue Vulnerability

Topaz Labs OFD is an application from Topaz Labs, Inc. A code issue vulnerability exists in Topaz Labs OFD version 2.11.0.201, which stems from an unknown section of the C:Program FilesTopaz OFDWarsawcore.exe file in the component Protection Module Warsaw, resulting in an unquoted search path...

PT-2023-31479 · Topaz Ofd · Topaz Ofd

Name of the Vulnerable Software and Affected Versions: Topaz OFD version 2.11.0.201 Description: A problematic vulnerability was found in Topaz OFD, affecting an unknown part of the file C:Program FilesTopaz OFDWarsawcore.exe of the component Protection Module Warsaw. The manipulation leads to an...

Artemis - A Modular Web Reconnaissance Tool And Vulnerability Scanner

A modular web reconnaissance tool and vulnerability scanner based on Karton https://github.com/CERT-Polska/karton. The Artemis project has been initiated by the KN Cyber science club of Warsaw University of Technology and is currently being maintained by CERT Polska. Artemis is experimental...

warsawtoolsshow.com Cross Site Scripting vulnerability OBB-3341865

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

warsawmusicacademy.pl Cross Site Scripting vulnerability OBB-3260938

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

rainsoftofwarsaw-va.com Cross Site Scripting vulnerability OBB-1326200

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

warsawsaints.com Cross Site Scripting vulnerability OBB-1219477

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service

Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected. The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking at A New Initiative for Poland in Warsaw, January 16-17, 2019. I'm speaking at the Munich Cyber Security Conference MCSC on February 14, 2019. The list is maintained on this page...

e-sklep.warszawa.mercedes-benz.pl XSS vulnerability

Open Bug Bounty ID: OBB-552334 Description| Value ---|--- Affected Website:| e-sklep.warszawa.mercedes-benz.pl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6...

CVE-2017-8216

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Due to improper authorization on specific processes, an attacker with the root privilege of a mobile Android system can exploit...

CVE-2017-8216

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Due to improper authorization on specific processes, an attacker with the root privilege of a mobile Android system can exploit...

CVE-2017-8173

Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart phones with software of earlier than Maya-L02C636B126 versions,earlier than VKY-L29C10B151 versions,earlier than VTR-L29C10B151 versions,earlier than Vicky-AL00AC00B162 versions,earlier than Victoria-AL00AC00B167 versions,earli...