Nextcloud: Blind SSRF Vulnerability in Appstore Release Upload Form

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

sheinthecle.com Cross Site Scripting vulnerability OBB-4012827

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified th ...

Continue Reading

January 27, 2025

AWS VDP: CVE-2020-5902

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

TikTok: Unauthorized Access to TikTok Account [Private Videos] via API Endpoint

The vulnerability on a TikTok endpoint that allowed unauthorized viewing of videos from private accounts was discovered and reported by @datph4m. The issue was subsequently...Read More ...

Continue Reading

January 27, 2025

U.S. Dept Of Defense: XSS found in https://www.████████.mil

The security researcher found a reflected cross-site scripting (XSS) vulnerability on the www.████████.mil website. The vulnerability was demonstrated using a proof-of-concept link tha ...

Continue Reading

January 27, 2025

Internet Bug Bounty: Secrets not masked in UI when sensitive variables are set via Airflow cli

A vulnerability was discovered in Apache Airflow where sensitive variables set using the Airflow CLI were not properly masked in the UI, specifically in the Audit logs page. This issue was addressed i ...

Continue Reading

January 27, 2025

Mars: Insecure API Response Leads to Disclosure of Hashed Passwords

A security vulnerability was identified in the API of ████████. The endpoint ████████ was found to return sensitive user information, including hashed passwords, in its ...

Continue Reading

January 27, 2025

AWS VDP: Information Disclosure Due To exposed .env file (Directory Listing) at ████████

Vulnerability description not...Read More ...

Continue Reading

January 27, 2025

1 269,236 269,237 269,238 269,239 269,240 385,998

Back to Main
Subscribe for the latest news: