SQL Injection

cubejs-backend/api-gateway is vulnerable to SQL Injection attacks. A specifically crafted attack statement through the `/v1/sql-runner` endpoint allows a malicious authenticated user to inject and exe ...


CVSS3 - HIGH

(RHSA-2022:8855) Moderate: Red Hat OpenStack Platform 16.2.4 (openstack-neutron) security update

OpenStack Networking (neutron) is a virtual network service for OpenStack. Just as OpenStack Compute (nova) provides an API to dynamically request and configure virtual servers, OpenStack Networking p ...

(RHSA-2022:8870) Moderate: Red Hat OpenStack Platform 16.1.9 (openstack-neutron) security update

OpenStack Networking (neutron) is a virtual network service for OpenStack. Just as OpenStack Compute (nova) provides an API to dynamically request and configure virtual servers, OpenStack Networking p ...

(RHSA-2022:8874) Moderate: Red Hat OpenStack Platform 16.1.9 (openstack-barbican) security update

Barbican is a REST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments. Security Fix(es): * Barbican allows authenticated users to add/modi ...


CVSS3 - HIGH

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

**InfraGard**, a program run by the **U.S. Federal Bureau of Investigation** (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its databa ...

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

Alist v3.5.1 is vulnerable to Cross Site Scripting (XSS) via the bulletin board.

AList vulnerable to Improper Preservation of Permissions

Alist v3.4.0 is vulnerable to File Upload. A user with only file upload permission can upload any file to any folder (even a password protected one).

Virtuozzo Hybrid Infrastructure 5.3 Update 1 (5.3.1-38)

This update provides new features for security, monitoring, and the compute service, as well as bug fixes and improvements. **Vulnerability id:** VSTOR-60452 It is impossible to start a cluster update ...
