The report states that one could claim any business by just substituting the business' phone number with theirs during the claim flow. This is not correct, as the number entered is internally verified and, therefore, the claim process eventually fails.
An ever-growing aggregation of the open source tools we developed to meet the needs of our services and product development teams.
## Summary:
Hi JetBlue Security Team.
I found that this domain `` is using Apache Tomcat/6.0.35, and I was able to log in to https:///manager/html with default credentials `tomcat:tomcat`.
See the following screenshots:
## Steps To Reproduce:
1. Go to https:///manager/html
2. Login with default creds `tomcat:tomcat`
## Supporting Material/References:
-...
gts3.org
February 02 2023 @ 4:03 PM
Information about 0-days exploited in-the-wild!
Application security issues found by Assetnote
Discovered by Patrick DeSantis of Cisco Talos. SUMMARY An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A ...
Discovered by Patrick DeSantis of Cisco Talos. SUMMARY A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1...
Posted by Oliver Chang, OSS-Fuzz team. Since launching in 2016, Google's free OSS-Fuzz code testing service has helped get over 8800 vul...
This bug could allow a malicious actor to take over Facebook/Meta accounts if the user decided to play a Canvas game. The new Canvas on Comet is using Compat to display dialogs (e.g. OAuth dialogs) i...
This bug could allow a malicious actor to take over Facebook (and Meta) accounts after tricking the user to play an Instant Game. This bug happens since the goURIOnWindow Module which is widely ...
A malicious actor could steal a first-party access token of the Oculus application which he could use to access the Facebook/Oculus accounts. This was possible because the Oculus application in Fac...
For many reasons, I want to mirror my public GitHub projects on other collaboration platforms. This short article describes my difficulties with it and a working solution.
Stratum's own Jared Perry gave a great talk at Code Europe in 2022. They posted the video today. Jared's perspective is based on performing hundreds of cloud security assessments for Stratum's customers. This is a great talk by someone who has a TON of experience poking around in a TON
An Insecure Direct Object Reference (IDOR) vulnerability was found within TikTok Now on Android, which would have allowed any user to change the "Who Can View" privacy setting for another user's Memory. We thank @mrhavit for reporting this to the team.
A Cross-Site Scripting (XSS) vulnerability was found on a TikTok Ads endpoint, due to a lack of appropriate HTML escaping or output encoding on the reflection of user-supplied data, which was resolved on September 7, 2022. This could have resulted in a JavaScript payload injected into the endpoint causing it to be executed within the context of the victim's browser. We thank @s3c for reporting...
Object Graph Notation Language (OGNL) is a popular, Java-based, expression language used in popular frameworks and applications, such as Apache Struts and Atlassian Confluence. Learn more about bypassing certain OGNL injection protection mechanisms including those used by Struts and Atlassian Confluence, as well as different approaches to analyzing this form of protection so you can harden similar systems.
The world is complicated, and so is anticipating second-order effects. How can execs grapple with the unknown consequences of technology?
An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for escalation of privileges in GraphQL API requests from GitHub Apps. This vulnerability allowed an app installed on an organization to gain access to and modify most organization-level resources that are not tied to a repository regardless of granted permissions, such as users and organization-wide...
Today at the Automotive World conference in Tokyo, Japan, I presented a talk in the Cyber Security from the Perspectives of Hackers and Automakers track. During this presentation, I announced the ZDI will host a new Pwn2Own contest focused on automotive systems: Pwn2Own Automotive. Th
Discovered by Francesco Benvenuto of Cisco Talos. SUMMARY A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request ca...
Discovered by Francesco Benvenuto of Cisco Talos. SUMMARY An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP reque...
Discovered by Francesco Benvenuto of Cisco Talos. SUMMARY An OS command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specia...
Discovered by Francesco Benvenuto of Cisco Talos. SUMMARY A directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specia...
Discovered by Francesco Benvenuto of Cisco Talos. SUMMARY An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A sp...
Discovered by Francesco Benvenuto of Cisco Talos. SUMMARY An OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A spec...
CVE-2022-40992,CVE-2022-41018,CVE-2022-41005,CVE-2022-41028,CVE-2022-40990,CVE-2022-40985,CVE-2022-40989,CVE-2022-40991,CVE-2022-40994,CVE-2022-41002,CVE-2022-41012,CVE-2022-41019,CVE-2022-41030,CV...
Discovered by Francesco Benvenuto of Cisco Talos. SUMMARY A directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A speciall...
Introducing Gato, our all-in-one open-source toolkit for finding and attacking repositories where CI/CD misconfigurations are present.
By using IPv4-mapped IPv6 addresses there was a way to bypass Cloudflare server's network protections and start connections to ports on the loopback (127.0.0.1) or internal IP addresses (such as 10.0.0.1). The bug was caused by the way a Go library interprets mapped IP addresses and how our code was checking for banned IPs. The code was fixed and now checks both IPv4 and IPv6 properly.
Starting in July of 2022, the Windows CSRSS process entered the consciousness of the infosec community as the source of several local privilege escalation vulnerabilities in Microsoft Windows. The first public information appeared on July 12 with the release of the patch for CVE-2022-22047, which
Vendor: DENX Software Engineering Vendor URL: Versions affected: v2012.10-rc1 to v2023.01-rc1 Systems Affected: All systems with CONFIG_DFU_OVER_USB or CONFIG_SPL_DFU enabled Author: <Sultan Qas
The Galaxy App Store is an alternative application store that comes pre-installed on Samsung Android devices. Several Android applications are available on both the Galaxy App Store and Google App
CISOs can use this five point guide with their BODs to build a strong strategic relationship based on trust and demonstrable value added.
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Lucas Miller and Dusan Stevanovic of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in Adobe ColdFusion. This bug was originally reported to the ZDI program by a researc
We received this great report about a vulnerability in our Android app on August 12. An initial patch was made available via the Google Play Store on August 13 (version 161.2). The vulnerability had been introduced only very recently prior to its discovery and we have no indication that it has been exploited.
Posted by Chrome Root Program, Chrome Security Team Note: This post is a follow-up to discussions carried out on the Mozilla Dev Securi...
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges. An attacker would require an account with admin access to install a malicious GitHub App. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, and 3.6.5. This vulnerability was reported via the GitHub Bug Bounty...
## DNS rebinding in --inspect (insufficient fix of CVE-2022-32212 affecting macOS devices) (High) (CVE-2022-32212, CVE-2018-7160)
The fix for CVE-2022-32212 covered the cases for routable IP addresses; however, there exists a specific behavior on macOS devices when handling the http://0.0.0.0 URL that allows an attacker-controlled DNS server to bypass the DNS rebinding protection by resolving...
Posted by Dana Jansens (she/her), Chrome Security Team We are pleased to announce that moving forward, the Chromium project is going to s...