Flickr: Information Disclosure: .dockerignore file is publicly accessible

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

AWS VDP: Information Disclosure Due To exposed .env file (Directory Listing) at ████████

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

Cosmos: Attacker can use any non-enabled capability

The Capabilites implementation in CosmWasm contracts was found to have a vulnerability. Even if the executing chain did not allow a specific capability, a CosmWasm contract could still execute actions ...

Continue Reading

January 27, 2025

XVIDEOS: Stored XSS via SMTP Error Message

A Stored Cross-Site Scripting (XSS) vulnerability was identified on the /account/email page for www.xvideos.com. The vulnerability arose from the improper handling of SMTP error messages, which were p ...

Continue Reading

January 27, 2025

U.S. Dept Of Defense: Unauthorized Access Exposing Sensitive Data

The identified page allowed unauthorized access to a user's profile management functionality without requiring authentication. Sensitive user details, such as name, email address, and EDIPI, were ...

Continue Reading

January 27, 2025

curl: CVE-2024-11053: netrc + redirect credential leak

CVE-2024-11053 was a logic flaw in Curl that resulted in a credential leak during redirects. The issue was caused by the way Curl processed netrc credentials when performing redirects. Under certain c ...

Continue Reading

January 27, 2025

tutorialsplane.com Cross Site Scripting vulnerability OBB-4012819

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

January 27, 2025

AWS VDP: Reflected XSS on Amazon EC2 Instance

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

1 269,011 269,012 269,013 269,014 269,015 385,998

Back to Main
Subscribe for the latest news: