boudreauxsnoda.com Cross Site Scripting vulnerability OBB-2736709

Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

Improper handling of email input

### Impact An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauthsigninprovider) that contains some malicious HTML, tri ...

Malformed CAR panics and excessive memory usage

### Impact **Versions impacted** * `=` [email protected] * `>=` [email protected] **Description of user-facing changes** ***[email protected]*** imposes a fixed maximum header length and section length of 32 ...

CVE-2022-31127

NextAuth.js is a complete open source authentication solution for Next.js applications. An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-starte ...

CVE-2022-34597

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.

CVE-2022-34598

The udpserver in H3C Magic R100 V200R004 and V100R005 has port 9034 open, allowing attackers to execute arbitrary commands.

CVE-2022-33737

The OpenVPN Access Server installer creates a log file readable by everyone, which from version 2.10.0 and before 2.11.0 may contain a randomly generated admin password.

CVE-2022-33738

OpenVPN Access Server before 2.11 uses a weak random generator to create user session tokens for the web portal.
