soap is vulnerable to information disclosure. The vulnerability exists due to the lack of restrictions in the XML external entity reference of the library, allowing an attacker to read arbitrary files ...
Continue Reading28 сентября, 2022
nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Use ...
Continue Reading28 сентября, 2022
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.Read More ...
Continue Reading28 сентября, 2022
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or ...
Continue Reading28 сентября, 2022
Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
Continue Reading28 сентября, 2022
This is the LibOFX library. It is a API designed to allow applications to very easily support OFX command responses, usually provided by financial institutions. See https://www.ofx.net/ofx/default.as ...
Continue Reading28 сентября, 2022
Researchers at Cluster25 have [published research]() about exploit code that's triggered when a user moves their mouse over a link in a booby-trapped PowerPoint presentation. The code starts a PowerSh ...
Continue Reading28 сентября, 2022
Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
Continue Reading28 сентября, 2022
Back to Main