Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
Continue Reading21 февраля, 2023
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interacti ...
Continue Reading21 февраля, 2023
Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously craf ...
Continue Reading21 февраля, 2023
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external ...
Continue Reading21 февраля, 2023
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation ...
Continue Reading21 февраля, 2023
Erxes, an experience operating system (XOS) with a set of plugins, is vulnerable to cross-site scripting in versions 0.22.3 and prior. This results in client-side code execution. The victim must follo ...
Continue Reading21 февраля, 2023
Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously craf ...
Continue Reading21 февраля, 2023
JD-GUI 1.6.6 allows deserialization via UIMainWindowPreferencesProvider.singleInstance.Read More ...
Continue Reading21 февраля, 2023
Back to Main