A heap-buffer-overread vulnerability was discovered in the contains_whitespace function when calling parser_validate after supplying a maliciously crafted buffer to parser_parse. The vulnerability was ...
Continue Reading
January 27, 2025
The XSS vulnerability was found in the JavaScript code of the website https://███.mil. The parameter "code" was not sufficiently sanitized, allowing the injection of malicious ...
Continue Reading
January 27, 2025
There is a possible ReDoS vulnerability in the plain_text_for_blockquote_node helper in Action Text. This vulnerability has been assigned the CVE identifier CVE-2024-47888. Carefully crafted text was ...
Continue Reading
January 27, 2025
The POST-based Cross-Site Scripting vulnerability on the IBM research endpoint was reported, analyzed, and remediated. The vulnerability was discovered by an external...Read More ...
Continue Reading
January 27, 2025
The HackerOne email change process was found to have a vulnerability where the system automatically verifies the email address if the verification link is opened in any browser, even by email scanning ...
Continue Reading
January 27, 2025
Exposed Logs and Bearer Tokens on Test Endpoint were reported to IBM, analyzed, and have been...Read More ...
Continue Reading
January 27, 2025
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...
Continue Reading
January 27, 2025
The experimental-programmatic-access-ccft application created a function with an associated role that was assigned policies with overly broad "sts:AssumeRole" permissions for &qu ...
Continue Reading
January 27, 2025
Back to Main
