Web exploitation and web shells are some of the most common entry points in the current threat landscape. Web servers provide an external avenue directly into your corporate network, which often resul ...

Continue Reading

December 12, 2022

A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can exploit this condition via the web-based management interface to create a denial-of-service condition ...

Continue Reading

December 12, 2022

Jenkins Checkmarx Plugin 2022.3.3 and earlier does not escape values returned from the Checkmarx service API before inserting them into HTML reports, resulting in a stored cross-site scripting (XSS) v ...

Continue Reading

December 12, 2022

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Continue Reading

December 12, 2022

[![](https://blogger.googleusercontent.com/img/a/AVvXsEiwyJplSNlKPGXq-lzooGKlu739aJ6bDluB3JoCClmCbxw0Gnu0qRejcDEaf-5lYlEtSkU2R7XaOgMBZolVRMofVeSs63HnaG6hm8DaHceHtoUztTRHHUzPZ5b_P9lUT7hijxFYn96WNmEPD_ ...

Continue Reading

December 11, 2022

[![](https://blogger.googleusercontent.com/img/a/AVvXsEjFYE0zBN7rKaY14uhqieJjcZ2PwWwwyUn4JDbzJxw1DUSozjrVDJ3e9aRWDG1FkHyq9bCyOu0vEa6DEIfAMEosNmNlZ2i838MFa_wz5nujkSML2acydMRjSBK7sJte-V-d5VH27D_pmenQ073 ...

Continue Reading

December 10, 2022

The version of tomcat9 installed on the remote host is prior to 9.0.64-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-233 advisory. - The fix for bug CVE-2020-94 ...

Continue Reading

December 10, 2022

FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords (brypt with c ...

Continue Reading

December 09, 2022