An issue was discovered in ApiManager 1.1. there is sql injection vulnerability that can use in... ...
Continue Reading
March 24, 2022
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.3.0 but before versions 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal bug, compou ...
Continue Reading
March 23, 2022
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to change the password of a com ...
Continue Reading
March 23, 2022
Impact This vulnerability allows renderers to obtain access to a random bluetooth device via the web bluetooth API if the app has not configured a custom select-bluetooth-device event handler. The de ...
Continue Reading
March 22, 2022
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to 17.0.0-alpha.6, 16.0.6, 15.3.5, 14.2.4, and 13.6.6 allows r ...
Continue Reading
March 22, 2022
A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions check ...
Continue Reading
March 22, 2022
A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attr ...
Continue Reading
March 22, 2022
The package ungit before 1.5.20 are vulnerable to Remote Code Execution (RCE) via argument injection. The issue occurs when calling the /api/fetch endpoint. User controlled values (remote and ref) are ...
Continue Reading
March 21, 2022
Back to Main
