Web exploitation and web shells are some of the most common entry points in the current threat landscape. Web servers provide an external avenue directly into your corporate network, which often resul ...
Continue ReadingDecember 12, 2022
A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can exploit this condition via the web-based management interface to create a denial-of-service condition ...
Continue ReadingDecember 12, 2022
Jenkins Checkmarx Plugin 2022.3.3 and earlier does not escape values returned from the Checkmarx service API before inserting them into HTML reports, resulting in a stored cross-site scripting (XSS) v ...
Continue ReadingDecember 12, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue ReadingDecember 12, 2022
[![](https://blogger.googleusercontent.com/img/a/AVvXsEiwyJplSNlKPGXq-lzooGKlu739aJ6bDluB3JoCClmCbxw0Gnu0qRejcDEaf-5lYlEtSkU2R7XaOgMBZolVRMofVeSs63HnaG6hm8DaHceHtoUztTRHHUzPZ5b_P9lUT7hijxFYn96WNmEPD_ ...
Continue ReadingDecember 11, 2022
[![](https://blogger.googleusercontent.com/img/a/AVvXsEjFYE0zBN7rKaY14uhqieJjcZ2PwWwwyUn4JDbzJxw1DUSozjrVDJ3e9aRWDG1FkHyq9bCyOu0vEa6DEIfAMEosNmNlZ2i838MFa_wz5nujkSML2acydMRjSBK7sJte-V-d5VH27D_pmenQ073 ...
Continue ReadingDecember 10, 2022
The version of tomcat9 installed on the remote host is prior to 9.0.64-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-233 advisory. - The fix for bug CVE-2020-94 ...
Continue ReadingDecember 10, 2022
FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords (brypt with c ...
Continue ReadingDecember 09, 2022
Back to Main