The vulnerability in the Undici library involves the use of an unsafe random function to choose the boundary for a multipart/form-data request. The use of Math.random() to generate this boundary can b ...
Continue Reading
January 28, 2025
Vulnerability description not...Read More ...
Continue Reading
January 28, 2025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue Reading
January 28, 2025
CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize() A vulnerability was reported in the Django web framework's urlize() function, which could lead to a denial-of-service att ...
Continue Reading
January 28, 2025
A public Google Drive link was found to contain PDF files that exposed personally identifiable information (PII) of military personnel, including full names, social security numbers, home addresses, m ...
Continue Reading
January 28, 2025
The identified page allowed unauthorized access to a user's profile management functionality without requiring authentication. Sensitive user details, such as name, email address, and EDIPI, were ...
Continue Reading
January 28, 2025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue Reading
January 28, 2025
The XSS vulnerability was found in the JavaScript code of the website https://███.mil. The parameter "code" was not sufficiently sanitized, allowing the injection of malicious ...
Continue Reading
January 28, 2025
Back to Main
