Mozilla: Denial of Access to Static Resources via Cache Poisoning on addons.allizom.org

A cache poisoning vulnerability was identified on addons.allizom.org that allowed an attacker to block access to static resources such as images and JavaScript files. The issue was exploited by proces ...

Continue Reading

January 27, 2025

Nextcloud: Blind SSRF Vulnerability in Appstore Release Upload Form

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

AWS VDP: Information Disclosure Due To exposed .env file (Directory Listing) at ████████

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

AWS VDP: A potential risk in the experimental-programmatic-access-ccft which can be used to privilege escalation.

The experimental-programmatic-access-ccft application created a function with an associated role that was assigned policies with overly broad "sts:AssumeRole" permissions for &qu ...

Continue Reading

January 27, 2025

cmpentecoste.ce.gov.br Cross Site Scripting vulnerability OBB-4012826

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

January 27, 2025

curl: Exploitable Format String Vulnerability in curl_mfprintf Function

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

Localize: open redirected by host header

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

Internet Bug Bounty: [CVE-2024-47888] Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text

There is a possible ReDoS vulnerability in the plain_text_for_blockquote_node helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Carefully crafted text was ...

Continue Reading

January 27, 2025

1 268,967 268,968 268,969 268,970 268,971 385,998

Back to Main
Subscribe for the latest news: