A vulnerability was discovered in Apache Airflow where sensitive variables set using the Airflow CLI were not properly masked in the UI, specifically in the Audit logs page. This issue was addressed i ...
Continue Reading
January 28, 2025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue Reading
January 28, 2025
A potential risk was found in the cloudFrontExtensionsConsole when it was deployed in the awslabs repository on GitHub. The functions created by the application had excessive permissions that could be ...
Continue Reading
January 28, 2025
The experimental-programmatic-access-ccft application created a function with an associated role that was assigned policies with overly broad "sts:AssumeRole" permissions for &qu ...
Continue Reading
January 28, 2025
CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize() A vulnerability was reported in the Django web framework's urlize() function, which could lead to a denial-of-service att ...
Continue Reading
January 28, 2025
The vulnerability on a TikTok endpoint that allowed unauthorized viewing of videos from private accounts was discovered and reported by @datph4m. The issue was subsequently...Read More ...
Continue Reading
January 28, 2025
The Tumblr website was affected by an open redirect vulnerability that allowed an attacker to redirect users to a specified URL through the "redirect_to" parameter. This vulnerabilit ...
Continue Reading
January 28, 2025
The security researcher found a reflected cross-site scripting (XSS) vulnerability on the www.████████.mil website. The vulnerability was demonstrated using a proof-of-concept link tha ...
Continue Reading
January 28, 2025
Back to Main
