RedPacket Security - InfoSec News & Tutorials

HackerOne Bug Bounty Disclosure: self-xss–xtrav

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:0xtravLink to Submitters Profile:https://hackerone.com/0xtrav Report Title:Self XSSReport Link:https://hackerone.com/reports/2521186Date Submitted:19...

HackerOne Bug Bounty Disclosure: -cve-cisco-vpn-path-traversal-on-the-hxxps-sp-d-rs

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:sp1d3rsLink to Submitters Profile:https://hackerone.com/sp1d3rs Report Title: Cisco VPN path...

HackerOne Bug Bounty Disclosure: -cve-cisco-vpn-path-traversal-on-the-hxxps-no-hostname-sp-d-rs

July 19, 2024

HackerOne Bug Bounty Disclosure: unauth-idor-to-mass-account-takeover-without-user-interaction-on-the-hxxps-edu-sp-d-rs

July 19, 2024

HackerOne Bug Bounty Disclosure: unauthenticated-access-to-internal-api-at-edu-htus-matrixsoftsec

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:matrixsoftsecLink to Submitters Profile:https://hackerone.com/matrixsoftsec Report Title:Unauthenticated access to internal...

HackerOne Bug Bounty Disclosure: missing-access-control-allows-for-user-creation-and-privilege-escalation-bulldawg

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:bulldawgLink to Submitters Profile:https://hackerone.com/bulldawg Report Title:Missing Access Control Allows...

HackerOne Bug Bounty Disclosure: authentication-bypass-and-potential-rce-on-the-hxxps-due-to-exposed-cisco-telepresence-sx-with-default-credentials-sp-d-rs

July 19, 2024

HackerOne Bug Bounty Disclosure: unauthenticated-arbitrary-file-upload-on-the-hxxps-mil-sp-d-rs

July 19, 2024

HackerOne Bug Bounty Disclosure: xxe-with-rce-potential-on-the-hxxps-cve-sp-d-rs

July 19, 2024

HackerOne Bug Bounty Disclosure: email-takeover-leads-to-permanent-account-deletion-prakhar-x

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:prakhar0x01Link to Submitters Profile:https://hackerone.com/prakhar0x01 Report Title:Email Takeover leads to...

HackerOne Bug Bounty Disclosure: local-file-inclusion-in-download-php-tokyoenigma

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:tokyoenigmaLink to Submitters Profile:https://hackerone.com/tokyoenigma Report Title:Local File Inclusion in...

HackerOne Bug Bounty Disclosure: restrict-any-user-from-login-to-their-account-prakhar-x

July 19, 2024

HackerOne Bug Bounty Disclosure: xml-external-entity-xxe-injection-maskedpersian

July 19, 2024

Company Name: U.S. Dept Of Defense Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:maskedpersianLink to Submitters Profile:https://hackerone.com/maskedpersian Report Title:XML External Entity (XXE)...

HackerOne Bug Bounty Disclosure: endpoint-redirects-to-admin-page-and-provides-admin-role-bulldawg

July 19, 2024

HackerOne Bug Bounty Disclosure: authentication-bypass-on-hxxps-bulldawg

July 19, 2024

HackerOne Bug Bounty Disclosure: idor-leads-to-pii-leak-prakhar-x

July 19, 2024

HackerOne Bug Bounty Disclosure: automatic-admin-access-bulldawg

July 19, 2024

HackerOne Bug Bounty Disclosure: idor-leads-to-view-other-user-biographical-details-possible-pii-leak-prakhar-x

July 19, 2024

HackerOne Bug Bounty Disclosure: idor-modify-other-users-demographic-details-prakhar-x

July 19, 2024

CISA: Widespread IT Outage Due to CrowdStrike Update

July 19, 2024

Widespread IT Outage Due to CrowdStrike Update Note: CISA will update this Alert with more information as it becomes available....

Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks

July 19, 2024

Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme...

58a7ccdf8e7c4c6c44a4fdcd98b703c85e40d82d5966486d1c8e60aac23ddf43

Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide

July 19, 2024

Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed...

SolarWinds Patches 8 Critical Flaws in Access Rights Manager Software

July 19, 2024

SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited...

Critical Vulnerabilities in SolarWinds Access Rights Manager (ARM) Product

July 19, 2024

SolarWinds has released security updates to address critical vulnerabilities (CVE-2024-23466, CVE-2024-23467, CVE-2024-23469, CVE-2024-23470, CVE-2024-23471, CVE-2024-23472, CVE-2024-28074 and CVE-2024-23475) in their Access...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed