-
I was recently contacted by someone who found a vulnerability in the Coin library. They sent me a proof-of-concept, but the underlying issue will need a patch, as well. This raises the issue of needin…
-
See https://hackerone.com/reports/274267 for example
-
### Describe the bug:
Hi,
We are using zap automated scan in our ci pipeline for several services/endpoints. On one of these endpoints the following alert is raised:
Insufficient Site Isolation Aga…
-
- Site: [https://cdnjs.cloudflare.com](https://cdnjs.cloudflare.com)
- Site: [https://maxcdn.bootstrapcdn.com](https://maxcdn.bootstrapcdn.com)
- Site: [http://log8100-tp210.eastus.azurecontainer.…
-
Dustin Childs published a blog post UNCOORDINATED VULNERABILITY DISCLOSURE: THE CONTINUING ISSUES WITH CVD on
July 15, 2024. Is there anything in https://www.zerodayinitiative.com/blog/2024/7/15/unco…
-
# Microsoft Security Advisory CVE-2024-43483 | .NET Denial of Service Vulnerability
## Executive Summary
Microsoft is releasing this security advisory to provide information about a vulnerabilit…
-
A security.md file is needed to track security changes. Addressing vulnerabilities or issues in this way contributes to transparency. Example given below:
# Security Policy
## Supported Versions
…
-
Hi,
we have detected that your project may be vulnerable to Out-of-bounds Write in the function of `jpc_ppxstab_insert` in the file of `src/libjasper/jpc/jpc_dec.c`. It shares similarities to a…
-
Hi, there
we have detected that your project may be vulnerable to Heap-based Buffer Overflow. It shares similarities to a recent CVE disclosure [CVE-2023-6992](https://nvd.nist.gov/vuln/detail/C…
-
The public release of the Proof of Concept discloses the SSN vulnerability before a CVE has been assigned.
Please review the disclosure policy at [cveform.mitre.org](https://cveform.mitre.org/)