Internet Bug Bounty: Apache Airflow: Sensitive Information Exposure in DAG Run Logs

The Apache Airflow platform was vulnerable to sensitive information exposure in DAG run logs. Passwords, secrets, and the Fernet key were logged in plain text, which could have resulted in the disclos ...

Continue Reading

January 28, 2025

TikTok: Unauthorized Access to TikTok Account [Private Videos] via API Endpoint

The vulnerability on a TikTok endpoint that allowed unauthorized viewing of videos from private accounts was discovered and reported by @datph4m. The issue was subsequently...Read More ...

Continue Reading

January 28, 2025

U.S. Dept Of Defense: XSS vulnerability found in javascript code of https://███.mil

The XSS vulnerability was found in the JavaScript code of the website https://███.mil. The parameter "code" was not sufficiently sanitized, allowing the injection of malicious ...

Continue Reading

January 28, 2025

Flickr: Information Disclosure: .dockerignore file is publicly accessible

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

U.S. Dept Of Defense: Unauthorized Access Exposing Sensitive Data

The identified page allowed unauthorized access to a user's profile management functionality without requiring authentication. Sensitive user details, such as name, email address, and EDIPI, were ...

Continue Reading

January 28, 2025

curl: bypass of this Fixed #2437131 [ Inadequate Protocol Restriction Enforcement in curl ]

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

IBM: Exposed Logs and Bearer Tokens on Test Endpoint

Exposed Logs and Bearer Tokens on Test Endpoint were reported to IBM, analyzed, and have been...Read More ...

Continue Reading

January 28, 2025

Nextcloud: Blind SSRF Vulnerability in Appstore Release Upload Form

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

1 268,397 268,398 268,399 268,400 268,401 385,998

Back to Main
Subscribe for the latest news: