When Xiaomi router firmware is updated in 2020, there is an unauthenticated API that can reveal WIFI password vulnerability. This vulnerability is caused by the lack of access control policies on some ...

Continue Reading

Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?search_month=1.Read More ...

Continue Reading

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local ...

Continue Reading



In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server.Read More ...

Continue Reading
ChatGPT Injection: a new type of API Abuse attack may steal your OpenAI API credits

ChatGPT is spreading like wildfire all over the internet, being used in everything from casual tools to cybersecurity and even industrial applications. It's so popular, I wouldn't be shocked if it sta ...

Continue Reading
Context Propagation with Project Reactor 2 – The bumpy road of Spring Cloud Sleuth

Spring Cloud Sleuth recently [became Micrometer Tracing](), part of the Micrometer project. Most of the tracing instrumentation is centered within Micrometer under the new [Observability API](). The g ...

Continue Reading
Smart Mobility has a Blindspot When it Comes to API Security

[![Automotive Security](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() The emergence of smart mobility services and applications ...

Continue Reading
Oracle Linux 8 : openssl (ELSA-2023-12213)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12213 advisory. - There is a type confusion vulnerability relating ...

Continue Reading


Back to Main

Subscribe for the latest news:
Generated by Feedzy