Ausnahme gefangen: SSL certificate problem: certificate is not yet valid πŸ“Œ U.S. Dept Of Defense: PII Leak of USCG Designated Examiner List at https://www.β–ˆβ–ˆβ–ˆ
Team IT Security Nachrichtenportal Logo

🏠 Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, BlogbeitrÀge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden Überblick über die wichtigsten Aspekte der IT-Sicherheit in einer sich stÀndig verÀndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch ΓΌbersetzen, erst Englisch auswΓ€hlen dann wieder Deutsch!

Google Android Playstore Download Button fΓΌr Team IT Security
RSS Feed Symbol fΓΌr Team IT Security 800+ IT News als RSS Feed abonnieren



πŸ“š U.S. Dept Of Defense: PII Leak of USCG Designated Examiner List at https://www.β–ˆβ–ˆβ–ˆ


πŸ’‘ Newskategorie: SicherheitslΓΌcken
πŸ”— Quelle: vulners.com


image
Hello Dod Team, Summary: PII Leakage of approx 750 personal is being disclosed through the pdf at https://www.β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ which had been uploaded at the 7th of October, this includes Personal phone number and email address. Description: The list presented at the "dereport.pdf" contains personal info such as phone numbers and private emails of personal in contact with the DoD. Step-by-step Reproduction Instructions Navigate to https://www.β–ˆβ–ˆβ–ˆβ–ˆ POC β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ Suggested Mitigation/Remediation Actions Provoking the public access to the specified PDF Best Regards, nagli. Impact PII Disclosure of DoD personal, this include email addresses and phone... ...



Sharing is caring on Social Media

πŸ”— Reddit
πŸ”— Telegram
πŸ”— LinkedIn
πŸ”— Xing
πŸ”— Twitter
πŸ”— Whatsapp
πŸ”— Facebook
πŸ”— Flipboard

Join the Team IT Security Community

πŸ”— "IT Sicherheit" Reddit-Gruppe
πŸ”— "IT Sicherheit" Telegramm-Seite

πŸ“Œ U.S. Dept Of Defense: PII Leak of USCG Designated Examiner List at https://www.β–ˆβ–ˆβ–ˆ


πŸ“ˆ 158.89 Punkte

πŸ“Œ U.S. Dept Of Defense: [Partial] SSN & [PII] exposed through iPERMs Presentation Slide.


πŸ“ˆ 41.03 Punkte

πŸ“Œ U.S. Dept Of Defense: Bypassed a fix to gain access to PII of more than 100 Officers


πŸ“ˆ 41.03 Punkte

πŸ“Œ U.S. Dept Of Defense: β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ IDOR leads to disclosure of PHI/PII


πŸ“ˆ 41.03 Punkte

πŸ“Œ U.S. Dept Of Defense: CRXDE Lite/CRX is on β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ exposed that leads to PII disclosure


πŸ“ˆ 41.03 Punkte

πŸ“Œ U.S. Dept Of Defense: β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ portal is open to enumeration once authenticated. Session ID's appear static. All PII available once a valid session ID is found.


πŸ“ˆ 41.03 Punkte

πŸ“Œ U.S. Dept Of Defense: IDOR leaking PII data via VendorId parameter


πŸ“ˆ 41.03 Punkte

πŸ“Œ Netwrix Account Lockout Examiner up to 5.0 improper authentication


πŸ“ˆ 35.29 Punkte

πŸ“Œ Major Data Leak Includes PII Of Employees From U.S.’s Top Aerospace And Defense Contractor – Commentary From Cloud Security Expert


πŸ“ˆ 32.76 Punkte

πŸ“Œ U.S. Dept Of Defense: Reflected XSS on https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆhtml?url


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Examples directory is PUBLIC on https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆmil, leading to multiple vulns


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Public instance of Jenkins on https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ/ with /script enabled


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: No Rate Limiting on https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ/β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ/accounts/password/reset/ endpoint leads to Denial of Service


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Unrestricted file upload leads to stored xss on https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ/


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Exposed Docker Registry at https://β–ˆβ–ˆβ–ˆβ–ˆ


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ is vulnerable to CVE-2020-3452 Read-Only Path Traversal Vulnerability


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Path traversal on https://β–ˆβ–ˆβ–ˆ allows arbitrary file read (CVE-2020-3452)


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: IDOR to Account Takeover on https://β–ˆβ–ˆβ–ˆβ–ˆ/index.html


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: External Service Interaction | https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ.mil


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Sensitive data exposure via https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ.mil/secure/QueryComponent!Default.jspa - CVE-2020-14179


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: CSRF to account takeover in https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ.mil/


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ vulnerable to CVE-2020-3187 - Unauthenticated arbitrary file deletion in Cisco ASA/FTD


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: hardcoded password stored in javascript of https://β–ˆβ–ˆβ–ˆβ–ˆ.mil


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Reflected XSS in https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ via search parameter


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: CSRF to account takeover in https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ/


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ vulnerable to CVE-2020-3187 - Unauthenticated arbitrary file deletion in Cisco ASA/FTD


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Reflected XSS on https://β–ˆβ–ˆβ–ˆβ–ˆ/ (Bypass of #1002977)


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: CSRF to Stored HTML injection at https://www.β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Sensitive data exposure via https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ/secure/QueryComponent!Default.jspa - CVE-2020-14179


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Stored XSS at https://www.β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ.mil


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Reflected XSS In https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Reflected XSS on https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Unauth RCE on Jenkins Instance at https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ/


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Self XSS + CSRF Leads to Reflected XSS in https://β–ˆβ–ˆβ–ˆβ–ˆ/


πŸ“ˆ 29.13 Punkte

πŸ“Œ U.S. Dept Of Defense: Administration Authentication Bypass on https://β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ


πŸ“ˆ 29.13 Punkte











matomo

Kontakt

24/7 kontakt@tsecurity.de

Weitere Informationen

Google Android Playstore Download Button fΓΌr Team IT Security
πŸ”— Impressum
πŸ”— Datenschutz
Paypal Spenden fΓΌr Projekt

Social Media

πŸ”— Facebook
πŸ”— Reddit
πŸ”— Team IT Security als Elektron App
πŸ”— © 2015-2023 Team IT Security Nachrichtenportal ΓΌber Cybersecurity
πŸ”— CMS "myDraft" a PHP Portal Software