CVE-2022-24072

The devtools API in Whale browser before 3.12.129.18 allowed extension developers to inject arbitrary JavaScript into the extension store web page via devtools.inspectedWindow, leading to extensions d ...

Continue Reading

March 17, 2022

Arbitrary file write in nats-server

(This document is canonically: https://advisories.nats.io/CVE/CVE-2022-26652.txt) Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud ...

Continue Reading

March 11, 2022

CVE-2022-23730

The public API error causes for the attacker to be able to bypass API access... ...

Continue Reading

March 11, 2022

CVE-2018-25031

Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI. ...

Continue Reading

March 11, 2022

CVE-2022-25506

FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint... ...

Continue Reading

March 10, 2022

CVE-2021-42854

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx&quo ...

Continue Reading

March 10, 2022

CVE-2021-42787

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/ ...

Continue Reading

March 10, 2022

CVE-2021-42786

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not hav ...

Continue Reading

March 10, 2022

1 81,952 81,953 81,954 81,955 81,956 82,136

Back to Main
Subscribe for the latest news: