The aws-lambda-ecs-run-task application created a function with a role that had excessive permissions, including the AdministratorAccess policy. This allowed for potential privilege escalation by an.. ...
Continue Reading
January 28, 2025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue Reading
January 28, 2025
The incorrect display of the download source in the Brave download alert was identified. Instead of displaying the actual source of the downloaded file, the browser displayed the referrer header value ...
Continue Reading
January 28, 2025
The Apache Airflow platform was vulnerable to sensitive information exposure in DAG run logs. Passwords, secrets, and the Fernet key were logged in plain text, which could have resulted in the disclos ...
Continue Reading
January 28, 2025
A critical vulnerability was identified in Trellix Enterprise Security Manager (ESM) version 11.6.10. The vulnerability allowed unauthenticated access to internal API endpoints through path traversal ...
Continue Reading
January 28, 2025
Vulnerability description not...Read More ...
Continue Reading
January 28, 2025
A heap-buffer-overread vulnerability was discovered in the contains_whitespace function when calling parser_validate after supplying a maliciously crafted buffer to parser_parse. The vulnerability was ...
Continue Reading
January 28, 2025
The security researcher found a reflected cross-site scripting (XSS) vulnerability on the www.████████.mil website. The vulnerability was demonstrated using a proof-of-concept link tha ...
Continue Reading
January 28, 2025
Back to Main
