Vendure Cross Site Request Forgery vulnerability impacting all API requests

### Impact Vendure is an e-commerce GraphQL framework with a number of APIs and different levels of authorization. By default the Cookie settings are insecure, having the SameSite setting as false whi ...

CVE-2023-33152

Microsoft ActiveX Remote Code Execution Vulnerability

CVSS3 - HIGH

CVSS2 - LOW

CVE-2023-35344

Windows DNS Server Remote Code Execution Vulnerability

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-34119

Insecure temporary file in the installer for Zoom Rooms before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access.

CVE-2023-21526

Windows Netlogon Information Disclosure Vulnerability

CVSS3 - HIGH

CVSS2 - MEDIUM

CVE-2023-23756

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.

CVE-2023-29406

The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses t ...
