Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'ryotak'Link to Submitters Profile:https://hackerone.com/b'ryotak' Report Title:b'Open redirect in user_saml via RelayState parameter'Report...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'ryotak'Link to Submitters Profile:https://hackerone.com/b'ryotak' Report Title:b'Authentication bypass in Global Site Selector allows...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'hackit_bharat'Link to Submitters Profile:https://hackerone.com/b'hackit_bharat' Report Title:b'Self XSS when sending HTML as a...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'ryotak'Link to Submitters Profile:https://hackerone.com/b'ryotak' Report Title:b'Non-admin users can reset app allowlist to...
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'ryotak'Link to Submitters Profile:https://hackerone.com/b'ryotak' Report Title:b'Improper handling of request URLs in nextcloud/guests...
Incident Response Guide for the WWS Sector Today, CISA, the Federal Bureau of Investigation (FBI), and the Environmental Protection Agency...
Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549)...
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on January 18, 2024. These...
Oracle Releases Critical Patch Update Advisory for January 2024 Oracle released its Critical Patch Update Advisory for January 2024 to...
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver...
Drupal Releases Security Advisory for Drupal Core Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions....
In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To...
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified...
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to...
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of...
A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from...
Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices...
Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to...
Cybersecurity architecture refers to the design and structure of an organization's approach to securing its information systems. It outlines the...
Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days...
A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes...
Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe...
