CISA: Adobe Releases Security Updates for ColdFusion and InDesign
Adobe Releases Security Updates for ColdFusion and InDesign Adobe has released security updates to address vulnerabilities affecting ColdFusion(link is external) and...
CISA: CISA Adds Two Known Vulnerabilities to Catalog
CISA Adds Two Known Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on July 13, 2023. These...
CISA: CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online The Cybersecurity and Infrastructure...
CISA: Juniper Releases Multiple Security Updates for Juno OS
Juniper Releases Multiple Security Updates for Juno OS Juniper has released updates to address multiple vulnerabilities in Juno OS(link is...
CISA: Cisco Releases Security Update for SD-WAN vManage API
Cisco Releases Security Update for SD-WAN vManage API Cisco has released a security update to address a critical vulnerability affecting...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Akira Ransomware Victim: 4LEAF, Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Schmidt Salzman & Mo ran, Ltd
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Gerber Childrenswear LLC
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
HackerOne Bug Bounty Disclosure: an-attacker-can-can-view-any-hacker-email-via-savecollaboratorsmutation-operation-name–xrayan
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:0xrayan1996Link to Submitters Profile:https://hackerone.com/0xrayan1996 Report Title:An attacker can can view any hacker...
HackerOne Bug Bounty Disclosure: indriver-job-admin-approval-bypass-mikejohnson
Company Name: inDrive Company HackerOne URL: https://hackerone.com/indrive Submitted By:mikejohnson_1Link to Submitters Profile:https://hackerone.com/mikejohnson_1 Report Title:inDriver Job - Admin Approval BypassReport Link:https://hackerone.com/reports/1861487Date...
HackerOne Bug Bounty Disclosure: metamask-browser-url-and-transaction-origin-spoofing-metamask-wallet-android-metamask-wallet-ios-renekroka
Company Name: MetaMask Company HackerOne URL: https://hackerone.com/metamask Submitted By:renekrokaLink to Submitters Profile:https://hackerone.com/renekroka Report Title:MetaMask Browser URL and Transaction Origin Spoofing...
HackerOne Bug Bounty Disclosure: endpoint-disclosing-user-password-team-tsk
Company Name: Newegg Company HackerOne URL: https://hackerone.com/newegg Submitted By:team_tskLink to Submitters Profile:https://hackerone.com/team_tsk Report Title:Endpoint disclosing user passwordReport Link:https://hackerone.com/reports/1986731Date Submitted:05 July...
HackerOne Bug Bounty Disclosure: basic-xss-waf-bypasses-mega
Company Name: Cloudflare Public Bug Bounty Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:mega7Link to Submitters Profile:https://hackerone.com/mega7 Report Title:Basic XSS Report Link:https://hackerone.com/reports/1615743Date...
HackerOne Bug Bounty Disclosure: arbitrary-file-write-triggered-by-deeplink-abuse-metamask-android-hackerontwowheels
Company Name: MetaMask Company HackerOne URL: https://hackerone.com/metamask Submitted By:hackerontwowheelsLink to Submitters Profile:https://hackerone.com/hackerontwowheels Report Title:Arbitrary file write triggered by deeplink abuse...
HackerOne Bug Bounty Disclosure: banned-user-still-able-to-invited-to-reports-as-a-collabrator-and-reset-the-password-light-r
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:light3rLink to Submitters Profile:https://hackerone.com/light3r Report Title:Banned user still able to invited to...
HackerOne Bug Bounty Disclosure: internal-machine-learning-api-endpoint-for-cwe-classification-is-vulnerable-to-path-traversal-jobert
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:jobertLink to Submitters Profile:https://hackerone.com/jobert Report Title:Internal machine learning API endpoint for CWE...
HackerOne Bug Bounty Disclosure: improper-authentication-inside-the-rockstar-games-launcher-which-leads-to-account-takeover-to-some-extend–xshivam
Company Name: Rockstar Games Company HackerOne URL: https://hackerone.com/rockstargames Submitted By:0xshivamLink to Submitters Profile:https://hackerone.com/0xshivam Report Title:Improper Authentication inside the Rockstar Games...
HackerOne Bug Bounty Disclosure: server-side-rce-through-directory-traversal-based-arbitrary-file-write-fabianfreyer
Company Name: Rocket.Chat Company HackerOne URL: https://hackerone.com/rocket_chat Submitted By:fabianfreyerLink to Submitters Profile:https://hackerone.com/fabianfreyer Report Title:Server-side RCE through directory traversal-based arbitrary file...
HackerOne Bug Bounty Disclosure: rce-via-npm-misconfig-installing-internal-libraries-from-the-public-registry-x-loser
Company Name: SHEIN Company HackerOne URL: https://hackerone.com/shein Submitted By:x1337loserLink to Submitters Profile:https://hackerone.com/x1337loser Report Title:RCE via npm misconfig -- installing internal...
HackerOne Bug Bounty Disclosure: xss-r-vcc-na-x-com-ssharmaz
Company Name: 8x8 Company HackerOne URL: https://hackerone.com/8x8 Submitted By:ssharmazLink to Submitters Profile:https://hackerone.com/ssharmaz Report Title:xss(r) vcc-na11.8x8.comReport Link:https://hackerone.com/reports/1392733Date Submitted:10 July 2023 A...
HackerOne Bug Bounty Disclosure: actionview-sanitize-helper-bypass-leading-to-xss-using-svg-tag-haqpl
Company Name: Ruby on Rails Company HackerOne URL: https://hackerone.com/rails Submitted By:haqplLink to Submitters Profile:https://hackerone.com/haqpl Report Title:ActionView sanitize helper bypass leading...
HackerOne Bug Bounty Disclosure: -m-reports-on-hackerone-celebration-ability-to-bulk-submit-many-reports-nagli
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:nagliLink to Submitters Profile:https://hackerone.com/nagli Report Title:2M Reports on HackerOne Celebration! - Ability...
