Unsanitized JavaScript code injection possible in gatsby-plugin-mdx

Impact: The gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the `gray-matter` npm package, which is vulnerable to JavaScript injection in its default configurat ...

trafficprotect.com Cross Site Scripting vulnerability OBB-2635905

Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

websiteueberwachung.de Cross Site Scripting vulnerability OBB-2635904

Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

www3.detran.ms.gov.br Cross Site Scripting vulnerability OBB-2635902

Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

SMB-Session-Spoofing – Tool To Create A Fake SMB Session


CVE-2022-26493

Multiple vulnerabilities in Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider in certain non-default configurations allow a malicious user to login as any chosen user. The ...

CVE-2021-42893

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.) without authorization through getSysStatusCfg.

CVE-2021-42892

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exist in the firmware.

