A vulnerability was found in DCMTK up to 3.6.6. It has been declared as problematic. This vulnerability affects unknown code of the component dcmqrdb.... weiterlesen

A vulnerability has been found in DCMTK up to 3.6.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component... weiterlesen

Summary: Curl can leak user credentials if use two url. Steps To Reproduce: curl -I -v -u aaa:bbb hackerone.com curl.se the output is: Connected to hackerone.com... weiterlesen

A vulnerability, which was classified as problematic, was found in Redis 7.0. Affected is the function streamGetEdgeID. The manipulation leads to memory... weiterlesen

A vulnerability was found in LibreSSL 2.0.0/2.3.0. It has been declared as problematic. This vulnerability affects the function OBJ_obj2txt. The manipulation... weiterlesen

Summary: Curl can be coaxed to leak Authorisation / Cookie headers by redirecting request to http:// URL on the same host. Successful exploitation requires... weiterlesen

Summary: Curl can be coaxed to leak user credentials to third-party host by issuing HTTP redirect to ftp:// URL. Steps To Reproduce: Configure for example... weiterlesen

Summary: curl/libcurl can be coaxed to leak Authorization / Cookie headers by redirecting request to http:// URL on the same host. Successful exploitation... weiterlesen

Summary: curl/libcurl can be coaxed to leak user credentials to third-party host by issuing HTTP redirect to ftp:// URL. Steps To Reproduce: Configure... weiterlesen

Summary: [add summary of the vulnerability] Curl can be coaxed to leak user credentials to third-party host by issuing HTTP redirect , like the Proxy-Authorization... weiterlesen

Summary: Once a bearer token is set with CURLOPT_XOAUTH2_BEARER, each HTTP request done with the same handler leaks the token itself. Steps To Reproduce:... weiterlesen

A vulnerability was found in Unicorn Engine 2.0.0-rc7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality.... weiterlesen

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been rated as problematic. Affected by this issue is the function config_input... weiterlesen

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been declared as problematic. Affected by this vulnerability is the function... weiterlesen

A vulnerability, which was classified as problematic, was found in QEMU up to 6.0 (Virtualization Software). This affects some unknown processing of the... weiterlesen

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been rated as problematic. This issue affects the function filter_frame... weiterlesen

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been declared as problematic. This vulnerability affects the function... weiterlesen

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been classified as problematic. This affects the function ff_frame_pool_get... weiterlesen

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software) and classified as problematic. Affected by this issue is the function avpriv_float_dsp_allocl... weiterlesen

A vulnerability has been found in Linux Kernel 3.2.53/3.4.72/3.10.22/3.12.3 (Operating System) and classified as problematic. This vulnerability affects... weiterlesen

A vulnerability, which was classified as problematic, has been found in FFmpeg 4.2 (Multimedia Processing Software). Affected by this issue is the function... weiterlesen

A vulnerability classified as problematic was found in FFmpeg 4.2 (Multimedia Processing Software). Affected by this vulnerability is the function fifo_alloc_common... weiterlesen

A vulnerability classified as problematic has been found in FFmpeg 4.2 (Multimedia Processing Software). Affected is the function av_buffersrc_add_frame_flags.... weiterlesen

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been rated as problematic. This issue affects the function v_frame_alloc... weiterlesen

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software). It has been classified as problematic. This affects the function ff_v4l2_m2m_create_context... weiterlesen

A vulnerability was found in FFmpeg 4.2 (Multimedia Processing Software) and classified as problematic. This issue affects the function link_filter_inouts... weiterlesen

A vulnerability was found in Squid Web Proxy up to 4.14/5.0.5 (Firewall Software). It has been classified as problematic. This affects an unknown part... weiterlesen

A vulnerability was found in Privoxy up to 3.0.28. It has been rated as problematic. This issue affects an unknown functionality of the file show-status... weiterlesen

A vulnerability has been found in Linux Kernel (Operating System) (the affected version is unknown) and classified as problematic. This vulnerability affects... weiterlesen

A vulnerability, which was classified as problematic, was found in Linaro Trusted Firmware-M up to 1.3.0 (Firmware Software). Affected is the function... weiterlesen

A vulnerability, which was classified as problematic, was found in GNU LibreDWG 0.10 (Image Processing Software). Affected is the function dwg_decode_eed... weiterlesen

Hi I found an Open S3 Bucket. POC : aws s3 ls s3://amazon-eks/ Source : https://github.com/Sifchain/sifnode/blob/bebbe9883560bbde4f452f81a2d85bdbc243636a/deploy/rake/dependencies.rake#21... weiterlesen

Summary: GitHub is a truly awesome service but it is unwise to put any sensitive data in code that is hosted on GitHub and similar services as I was able... weiterlesen

Steps To Reproduce: [add details for how we can reproduce the issue] Go to values.yaml file file. 2.Check from line 23: blockExplorer: args: mongoUsername:... weiterlesen

Summary: I found below private key for ethereum wallet leaked via public code in github repository ETHEREUM_PRIVATE_KEY="c87509a1c067bbde78beb793e6fa76530b6382a4c0241e5e4a9ec0a0f44dc0d3"... weiterlesen

Hi, I think this is more of a privacy concern than a security concern. However I wanted to check here first. Please direct me to an other suitable location... weiterlesen

Details Title: Improper data update process on UpdatePhabricatorIntegration mutation leads to leak of Phabricator Conduit API token. Risk: High Impact:... weiterlesen

A vulnerability was found in GPAC 1.0.1. It has been classified as problematic. Affected is the function stbl_GetSampleInfos of the component MP4Box. Applying... weiterlesen

A vulnerability was found in Huawei IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and Secospace USG9500. It has been... weiterlesen

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.8.9 (Operating System). This affects the function kvm_io_bus_unregister_dev... weiterlesen

A vulnerability has been found in Linux Kernel up to 5.11.2 (Operating System) and classified as problematic. This vulnerability affects the function video_usercopy... weiterlesen

A vulnerability classified as problematic was found in Huawei Smartphone (Smartphone Operating System) (the affected version is unknown). This vulnerability... weiterlesen

A vulnerability was found in Linux Kernel up to 5.11.10 (Operating System). It has been rated as problematic. This issue affects the function copy_process... weiterlesen

A vulnerability was found in GNU Tar up to 1.33. It has been rated as problematic. Affected by this issue is an unknown functionality of the file src/list.c... weiterlesen

A vulnerability was found in Privoxy up to 3.0.28. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component... weiterlesen

A vulnerability was found in Privoxy up to 3.0.28. It has been classified as problematic. Affected is some unknown processing of the component client-tags... weiterlesen

A vulnerability has been found in Privoxy up to 3.0.28 and classified as problematic. This vulnerability affects an unknown code of the component PCRE... weiterlesen

A vulnerability, which was classified as problematic, was found in Privoxy up to 3.0.28. This affects an unknown part. Upgrading to version 3.0.29 eliminates... weiterlesen

A vulnerability, which was classified as problematic, has been found in Privoxy up to 3.0.28. Affected by this issue is some unknown functionality of the... weiterlesen

A vulnerability, which was classified as problematic, has been found in Privoxy up to 3.0.28. This issue affects an unknown function of the component Response... weiterlesen

A vulnerability was found in APKLeaks up to 2.0.2. It has been classified as critical. Affected is some unknown functionality of the component Package... weiterlesen

Summary: HackerOne provides an application tool HackerOne for Jira, an application that allows programs to track security issues through a jira instance.... weiterlesen

Sumarry : CORS policies on pages containing sensitive information should be reviewed to determine whether it is appropriate for the application to trust... weiterlesen

A vulnerability, which was classified as critical, has been found in Linux Kernel 2.6.16.12 (Operating System). Affected by this issue is an unknown function... weiterlesen

Hi security team, According to my report #1092618, The VDP team agreed that █████████ and it's subdomains is in the scope of... weiterlesen

A vulnerability, which was classified as critical, has been found in Microsoft Windows NT 4.0/2000/XP/Server 2003 (Operating System). Affected by this... weiterlesen

A vulnerability, which was classified as problematic, was found in ZTE ZXR10 8900E up to 3.03.20R2B30P1. This affects some unknown functionality. There... weiterlesen

A vulnerability, which was classified as critical, was found in Cisco NX-OS (Router Operating System) (the affected version unknown). This affects an unknown... weiterlesen

A vulnerability was found in Cisco NX-OS (Router Operating System) (the affected version unknown). It has been classified as problematic. This affects... weiterlesen

Summary: We all know that Github is great, but it runs the risk of some credentials being revealed by mistake. In this case I found a Rockset API key,... weiterlesen

A vulnerability, which was classified as problematic, was found in Cisco StarOS (Router Operating System) (version unknown). Affected is an unknown code... weiterlesen

A vulnerability was found in Juniper EX9200 (the affected version is unknown). It has been declared as problematic. This vulnerability affects an unknown... weiterlesen

A vulnerability classified as problematic was found in K7computing K7AntiVirus Premium 15.1.0.53 (Anti-Malware Software). Affected by this vulnerability... weiterlesen

A vulnerability was found in K7computing K7AntiVirus Premium 15.01.00.53 (Anti-Malware Software). It has been classified as problematic. This affects an... weiterlesen

A vulnerability has been found in K7computing K7AntiVirus Premium 15.01.00.53 (Anti-Malware Software) and classified as problematic. Affected by this vulnerability... weiterlesen

Summary: The password reset link of user account on critical sixt+ domain/product can be obtained using the page https://www.sixt.com/php/profile/login_or_password_forgotten.... weiterlesen

... weiterlesen

Domain, site, application weblate.ucs.ru Steps to reproduce For getting all Url Patterns 1.Open https://weblate.ucs.ru / 2.now after / enter any random... weiterlesen

A vulnerability classified as problematic has been found in Google Android 11.0 (Smartphone Operating System). This affects the function process of the... weiterlesen

A vulnerability was found in Wireshark up to 3.2.8/3.4.0 (Packet Analyzer Software). It has been rated as problematic. Affected by this issue is some unknown... weiterlesen

A vulnerability was found in Wireshark 3.4.0 (Packet Analyzer Software). It has been declared as problematic. Affected by this vulnerability is an unknown... weiterlesen

... weiterlesen

A vulnerability was found in ImageMagick up to 7.0.8 (Image Processing Software). It has been rated as problematic. This issue affects the function SetImageExtent... weiterlesen

A vulnerability was found in ImageMagick up to 7.0.8 (Image Processing Software). It has been classified as problematic. This affects the function AcquireMagickMemory... weiterlesen

A vulnerability was found in Wildfly 19.0.0.Final/19.1.0.Final/20.0.0.Final/20.0.1.Final/21.0.0.Final (Application Server Software). It has been classified... weiterlesen

A vulnerability was found in Chaos Monkey Plugin up to 0.3 on Jenkins (Jenkins Plugin) and classified as problematic. This issue affects an unknown code... weiterlesen

Inadequate validation could lead to the disclosure of product names even if marked as disabled. Part of update Magento 2.3.2, 2.2.9 and 2.1.18 Security... weiterlesen

A vulnerability was found in CloudAvid PParam 1.3.1 (Cloud Software). It has been rated as problematic. This issue affects the function IPv6Param::setAddress.... weiterlesen

Hello Dod Team, Summary: PII Leakage of approx 750 personal is being disclosed through the pdf at https://www.██████ which had been uploaded... weiterlesen

A vulnerability was found in B&R Automation Runtime (Automation Software) and classified as problematic. Affected by this issue is an unknown code... weiterlesen

A vulnerability was found in Amazon AWS Firecracker up to 0.21.2/0.22.0. It has been declared as problematic. Affected by this vulnerability is some unknown... weiterlesen

A vulnerability was found in Juniper Junos (Router Operating System) (version unknown). It has been classified as critical. Affected is an unknown part... weiterlesen

A vulnerability classified as critical has been found in Juniper Junos (Router Operating System) (version unknown). Affected is an unknown code of the... weiterlesen

A vulnerability, which was classified as problematic, has been found in Cisco Video Surveillance 8000 Series IP Camera (Video Surveillance Software) (unknown... weiterlesen

... weiterlesen

A vulnerability classified as problematic was found in WildFly OpenSSL up to 1.1.2 (Application Server Software). Affected by this vulnerability is an... weiterlesen

A vulnerability classified as problematic was found in OpenThread wpantund up to 0e5d1601febb869f583e944785e5685c6c747be7. This vulnerability affects an... weiterlesen

A vulnerability has been found in Mattermost Server up to 4.10.4/5.5.1/5.6.2 and classified as problematic. This vulnerability affects an unknown functionality... weiterlesen

A vulnerability classified as critical was found in ARM Mbed OS 5.15.3. Affected by this vulnerability is the function sn_coap_parser_options_parse of... weiterlesen

... weiterlesen

Summary: [add summary of the vulnerability] i create account with weak password Steps To Reproduce: [add details for how we can reproduce the issue] 1.i... weiterlesen

A vulnerability was found in libvirt up to 6.0.x (Virtualization Software). It has been declared as problematic. Affected by this vulnerability is the... weiterlesen

... weiterlesen

A vulnerability was found in IBM MQ and MQ Appliance 8.0/9.1 CD/9.1 LTS. It has been classified as problematic. Affected is some unknown processing. There... weiterlesen

A vulnerability classified as problematic has been found in Samsung Mobile Devices L(5.x)/M(6.0)/N(7.x)/O(8.0) (Smartphone Operating System). Affected... weiterlesen

... weiterlesen

A vulnerability has been found in libpng 1.6.37 (Image Processing Software) and classified as problematic. Affected by this vulnerability is the function... weiterlesen

Summary: [Summary the vulnerabilities] I am surfing on the stripo website. I found a sensitive data including authentication key written in public accessible... weiterlesen

A vulnerability classified as problematic was found in Juniper Junos up to 18.1 (Router Operating System). Affected by this vulnerability is an unknown... weiterlesen

A vulnerability, which was classified as problematic, was found in LodePNG up to 2019-09-28. This affects the function HuffmanTree_makeFromFrequencies... weiterlesen