AWS VDP: Information Disclosure Due To exposed .env file (Directory Listing) at ████████

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

AWS VDP: Reflected XSS on Amazon EC2 Instance

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

Doppler: WAF bypass and java script incomplete handling of Unicode characters might leads to dom-xss

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

tutorialsplane.com Cross Site Scripting vulnerability OBB-4012819

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

January 27, 2025

curl: When curl uses Schannel as TLS backend, it fails to enforce TLS 1.3 cipher suite selections correctly

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

Flickr: Information Disclosure: .dockerignore file is publicly accessible

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

AWS VDP: A potential risk in the experimental-programmatic-access-ccft which can be used to privilege escalation.

The experimental-programmatic-access-ccft application created a function with an associated role that was assigned policies with overly broad "sts:AssumeRole" permissions for &qu ...

Continue Reading

January 27, 2025

Trellix: Unauthenticated Path Traversal and Command Injection in Trellix Enterprise Security Manager 11.6.10

A critical vulnerability was identified in Trellix Enterprise Security Manager (ESM) version 11.6.10. The vulnerability allowed unauthenticated access to internal API endpoints through path traversal ...

Continue Reading

January 27, 2025

1 268,807 268,808 268,809 268,810 268,811 385,998

Back to Main
Subscribe for the latest news: