Denial Of Service (DoS)

github.com/grafana/grafana is vulnerable to Denial Of Service (DoS). The vulnerability exists due to executing concurrent mixed queries through the `executeConcurrentQueries` function of `query.go`, w ...


CVSS3 - MEDIUM

CVSS2 - LOW

CVE-2023-35809

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean Manipulation vulnerability has been identified in the REST API. By using a crafted request, custom PHP code ...

MStore API < 3.9.8 – Unauthenticated Blind SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement, leading to a Blind SQL injection exploitable by unauthenticated users. This is only exploitable if the site owne ...

MStore API < 3.9.9 – Unauthenticated Privilege Escalation

The plugin does not prevent visitors from creating user accounts with the role of their choice via their wholesale REST API endpoint. This is only exploitable if the site owner paid to access the plug ...

Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions

Microsoft on Friday attributed a string of service outage ...

GitLab: Account takeover due to insufficient URL validation on RelayState parameter

Hi, I have found an issue which can be used by an attacker to steal Bitbucket access token along with other third party access tokens (Google, Salesforce etc). But the most important one is Bitbucket. ...

FreeBSD : transmission-daemon — vulnerable to dns rebinding attacks (3e5b8bd3-0c32-452f-a60e-beab7b762351)

Google Project Zero reports: The Transmission BitTorrent client uses a client/server architecture, the user interface is the client which communicates to the worker daemon using JSON RPC requests. As ...

CVE-2017-12117

An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the re ...


CVSS3 - HIGH

CVSS2 - MEDIUM
