-
Link: https://hackerone.com/reports/1174456
Date: 2020-11-06 09:17:44 UTC
By: ebot_api
Weakness: None
-
This is one of the initiatives we agree on for 2023. We all know how hard and time-consuming it is to perform a security release. However, some of the 42 steps can be easily handled by automation. This i…
-
It is not allowed to execute system commands through the `-XX:OnOutOfMemoryError` parameter during an `OOM` (Out of Memory) situation: A `HackerOne` report documented a scenario where, stemming from a…
4ra1n updated
8 months ago
-
## CVE-2018-3737 - High Severity Vulnerability
Vulnerable Library - sshpk-1.10.1.tgz
A library for finding and using SSH public keys
Library home page: https://registry.npmjs.org/sshpk/-/sshpk-1.10.…
-
Medium severity vulnerability found on `sql@0.78.0` according to Snyk:
https://snyk.io/vuln/npm:sql:20180512
The report:
https://hackerone.com/reports/319465
-
## Service name
Amazon (AWS) S3
## Proof
Amazon S3 service is indeed vulnerable. Amazon S3 follows pretty much the same concept of virtual hosting as other cloud providers. S3 buckets might be co…
-
**What would you like to happen?**
What do you think about adding to every test scenario possible bug bounty reports that are relevant and provide value?
One example would be for file upload XSS sin…
-
Hi,
I'm a member of the Node.js Security WG and we received a report regarding a security issue with this module. We tried inviting the author by e-mail but received no response so I'm opening this…
-