A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functionality of Out-of-Band (OOB) Management. ...
October 20, 2022
Chat is a set of open source team chat software. Rocket.Chat v4.6.4 and earlier versions contain an information disclosure vulnerability, which stems from OAuth tokens being leaked in plaintext in the ...
October 20, 2022
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
October 19, 2022
A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName para ...
October 19, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows ...
October 19, 2022
Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details.
October 19, 2022
Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server ...
October 19, 2022
Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting (XS ...
October 19, 2022