Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
August 07, 2023
# Description A bad actor can send victims a link (i.e. obfuscated) with the payload /signout, and when a victim uses it, it can change the state of the user (logged in/logged out). # Proof of Concept Payload: ...
August 07, 2023
### Overview Freewill Solutions IFIS new trading web application version 20.01.01.04 is vulnerable to unauthenticated remote code execution. Successful exploitation of this vulnerability allows an att ...
August 07, 2023
A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing ...
August 07, 2023
In Gitea through 1.17.1, repo cloning can occur in the migration function.
August 07, 2023
Directory Traversal vulnerability in Textpattern CMS v4.8.8 allows a remote authenticated attacker to execute arbitrary code and gain access to sensitive information via the plugin Upload function.
August 07, 2023
An out-of-bounds memory access flaw was found in the Linux kernel's do_journal_end function when the fails array-index-out-of-bounds in fs/reiserfs/journal.c could happen. This flaw allows a loca ...
August 07, 2023