A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record Read More ...
Continue ReadingDecember 08, 2022
Because of incorrect bounds on method `Secp256k1::preallocated_gen_new` it was possible to cause use-after-free from safe consumer code. It was also possible to "free" memory not allocated by the appr ...
Continue ReadingDecember 08, 2022
Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Version ...
Continue ReadingDecember 08, 2022
In 2020, Spotify coined the term ["Golden Pathâ]() to refer to a supported approach and set of components to build and deploy software. Having these paths simplifies the development process, lets ...
Continue ReadingDecember 07, 2022
Today, we are glad to release the third version of the [threat matrix for Kubernetes](), an evolving knowledge base for security threats that target Kubernetes clusters. The matrix, first released by ...
Continue ReadingDecember 07, 2022
Today, we are glad to release the third version of the [threat matrix for Kubernetes](), an evolving knowledge base for security threats that target Kubernetes clusters. The matrix, first released by ...
Continue ReadingDecember 07, 2022
# **CVE-2021-41805** ### **Hashicorp Consul RCE via API** **Has...Read More ...
Continue ReadingDecember 07, 2022
The adoption of application programming interfaces, more commonly known as APIs, has increased dramatically in recent years. In many ways, APIs are now the backbone of the Internet. The reason? APIs a ...
Continue ReadingDecember 07, 2022
Back to Main