Doppler: WAF bypass and java script incomplete handling of Unicode characters might leads to dom-xss

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

curl: Hackers Attack Curl Vulnerability Accessing Sensitive Information

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

Internet Bug Bounty: Apache Airflow: Sensitive Information Exposure in DAG Run Logs

The Apache Airflow platform was vulnerable to sensitive information exposure in DAG run logs. Passwords, secrets, and the Fernet key were logged in plain text, which could have resulted in the disclos ...

Continue Reading

January 28, 2025

AWS VDP: Reflected XSS on Amazon EC2 Instance

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

AWS VDP: A potential risk in the aws-lambda-ecs-run-task which can be used to privilege escalation.

The aws-lambda-ecs-run-task application created a function with a role that had excessive permissions, including the AdministratorAccess policy. This allowed for potential privilege escalation by an.. ...

Continue Reading

January 28, 2025

AWS VDP: Information Disclosure Due To exposed .env file (Directory Listing) at ████████

Vulnerability description not...Read More ...

Continue Reading

January 28, 2025

Cosmos: Attacker can use any non-enabled capability

The Capabilites implementation in CosmWasm contracts was found to have a vulnerability. Even if the executing chain did not allow a specific capability, a CosmWasm contract could still execute actions ...

Continue Reading

January 28, 2025

cmpentecoste.ce.gov.br Cross Site Scripting vulnerability OBB-4012826

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

January 28, 2025

1 268,564 268,565 268,566 268,567 268,568 385,998

Back to Main
Subscribe for the latest news: