CISA: Ivanti Releases Security Updates for Endpoint Manager
Ivanti Releases Security Updates for Endpoint Manager Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM) and...
Month: July 2024
HackerOne Bug Bounty Disclosure: self-xss–xtrav
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:0xtravLink to Submitters Profile:https://hackerone.com/0xtrav Report Title:Self XSSReport Link:https://hackerone.com/reports/2521186Date Submitted:19...
HackerOne Bug Bounty Disclosure: -cve-cisco-vpn-path-traversal-on-the-hxxps-sp-d-rs
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:sp1d3rsLink to Submitters Profile:https://hackerone.com/sp1d3rs Report Title: Cisco VPN path...
HackerOne Bug Bounty Disclosure: -cve-cisco-vpn-path-traversal-on-the-hxxps-no-hostname-sp-d-rs
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:sp1d3rsLink to Submitters Profile:https://hackerone.com/sp1d3rs Report Title: Cisco VPN path...
HackerOne Bug Bounty Disclosure: unauth-idor-to-mass-account-takeover-without-user-interaction-on-the-hxxps-edu-sp-d-rs
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:sp1d3rsLink to Submitters Profile:https://hackerone.com/sp1d3rs Report Title:Unauth IDOR to mass...
HackerOne Bug Bounty Disclosure: unauthenticated-access-to-internal-api-at-edu-htus-matrixsoftsec
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:matrixsoftsecLink to Submitters Profile:https://hackerone.com/matrixsoftsec Report Title:Unauthenticated access to internal...
HackerOne Bug Bounty Disclosure: missing-access-control-allows-for-user-creation-and-privilege-escalation-bulldawg
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:bulldawgLink to Submitters Profile:https://hackerone.com/bulldawg Report Title:Missing Access Control Allows...
HackerOne Bug Bounty Disclosure: authentication-bypass-and-potential-rce-on-the-hxxps-due-to-exposed-cisco-telepresence-sx-with-default-credentials-sp-d-rs
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:sp1d3rsLink to Submitters Profile:https://hackerone.com/sp1d3rs Report Title:Authentication bypass and potential...
HackerOne Bug Bounty Disclosure: unauthenticated-arbitrary-file-upload-on-the-hxxps-mil-sp-d-rs
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:sp1d3rsLink to Submitters Profile:https://hackerone.com/sp1d3rs Report Title:Unauthenticated arbitrary file upload...
HackerOne Bug Bounty Disclosure: xxe-with-rce-potential-on-the-hxxps-cve-sp-d-rs
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:sp1d3rsLink to Submitters Profile:https://hackerone.com/sp1d3rs Report Title:XXE with RCE potential...
HackerOne Bug Bounty Disclosure: email-takeover-leads-to-permanent-account-deletion-prakhar-x
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:prakhar0x01Link to Submitters Profile:https://hackerone.com/prakhar0x01 Report Title:Email Takeover leads to...
HackerOne Bug Bounty Disclosure: local-file-inclusion-in-download-php-tokyoenigma
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:tokyoenigmaLink to Submitters Profile:https://hackerone.com/tokyoenigma Report Title:Local File Inclusion in...
HackerOne Bug Bounty Disclosure: restrict-any-user-from-login-to-their-account-prakhar-x
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:prakhar0x01Link to Submitters Profile:https://hackerone.com/prakhar0x01 Report Title:Restrict any user from...
HackerOne Bug Bounty Disclosure: xml-external-entity-xxe-injection-maskedpersian
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:maskedpersianLink to Submitters Profile:https://hackerone.com/maskedpersian Report Title:XML External Entity (XXE)...
HackerOne Bug Bounty Disclosure: endpoint-redirects-to-admin-page-and-provides-admin-role-bulldawg
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:bulldawgLink to Submitters Profile:https://hackerone.com/bulldawg Report Title:Endpoint Redirects to Admin...
HackerOne Bug Bounty Disclosure: authentication-bypass-on-hxxps-bulldawg
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:bulldawgLink to Submitters Profile:https://hackerone.com/bulldawg Report Title:Authentication Bypass on hXXps:///Report...
HackerOne Bug Bounty Disclosure: idor-leads-to-pii-leak-prakhar-x
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:prakhar0x01Link to Submitters Profile:https://hackerone.com/prakhar0x01 Report Title:IDOR leads to PII...
HackerOne Bug Bounty Disclosure: automatic-admin-access-bulldawg
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:bulldawgLink to Submitters Profile:https://hackerone.com/bulldawg Report Title:Automatic Admin AccessReport Link:https://hackerone.com/reports/1991214Date...
HackerOne Bug Bounty Disclosure: idor-leads-to-view-other-user-biographical-details-possible-pii-leak-prakhar-x
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:prakhar0x01Link to Submitters Profile:https://hackerone.com/prakhar0x01 Report Title:IDOR leads to view...
HackerOne Bug Bounty Disclosure: idor-modify-other-users-demographic-details-prakhar-x
Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:prakhar0x01Link to Submitters Profile:https://hackerone.com/prakhar0x01 Report Title:IDOR : Modify other...
CISA: Widespread IT Outage Due to CrowdStrike Update
Widespread IT Outage Due to CrowdStrike Update Note: CISA will update this Alert with more information as it becomes available....
Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks
Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme...
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed...
SolarWinds Patches 8 Critical Flaws in Access Rights Manager Software
SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited...
