Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
October 17, 2022
# CVE-2022-42889-MASS-RCE (another LOG4SHELL) Mass exploitation ...
October 17, 2022
This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute ...
October 17, 2022
A flaw was found in WordPress 5.1. "X-Forwarded-For" is an HTTP header used to carry the client's original IP address. However, because these headers may very well be added by the client to the request ...
October 17, 2022
An input validation vulnerability exists in OpenShift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject ...
October 17, 2022
A flaw was found in the RHDM, where sensitive HTML form fields like Password have auto-complete enabled, which may lead to a leak of credentials.
October 17, 2022
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Conso ...
October 17, 2022
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control ove ...
October 17, 2022