U.S. Dept Of Defense: XSS vulnerability found in javascript code of https://███.mil

The XSS vulnerability was found in the JavaScript code of the website https://███.mil. The parameter "code" was not sufficiently sanitized, allowing the injection of malicious ...

Continue Reading

January 27, 2025

AWS VDP: A potential risk in the cloudFrontExtensionsConsole which can be used to privilege escalation.

A potential risk was found in the cloudFrontExtensionsConsole when it was deployed in the awslabs repository on GitHub. The functions created by the application had excessive permissions that could be ...

Continue Reading

January 27, 2025

curl: bypass of this Fixed #2437131 [ Inadequate Protocol Restriction Enforcement in curl ]

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

espaimacia.cat Cross Site Scripting vulnerability OBB-4015297

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

January 27, 2025

Cosmos: Attacker can use any non-enabled capability

The Capabilites implementation in CosmWasm contracts was found to have a vulnerability. Even if the executing chain did not allow a specific capability, a CosmWasm contract could still execute actions ...

Continue Reading

January 27, 2025

Nextcloud: Blind SSRF Vulnerability in Appstore Release Upload Form

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

curl: Exploitable Format String Vulnerability in curl_mfprintf Function

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

AWS VDP: Reflected XSS on Amazon EC2 Instance

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

1 269,131 269,132 269,133 269,134 269,135 385,998

Back to Main
Subscribe for the latest news: