CVE-2022-3710

A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall older than version 19.5 GA.

FreeBSD : Gitlab — Multiple Vulnerabilities (3cde510a-7135-11ed-a28b-bff032704f00)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3cde510a-7135-11ed-a28b-bff032704f00 advisor ...

How the Modern Data Landscape Made the Traditional Cybersecurity Approach Obsolete

From the news headlines, we know that data breaches are on the rise - both in frequency and scale. While this reality is unsettling, it’s not surprising. That is because the volume of data being ...

DomainDouche – OSINT Tool to Abuse SecurityTrails Domain Suggestion API To Find Potentially Related Domains By Keyword And Brute Force

Gitlab — Multiple Vulnerabilities

Gitlab reports: DAST API scanner exposes Authorization headers in vulnerabilities; Group IP allow-list not fully respected by the Package Registry; Deploy keys and tokens may bypass External Authorizati ...

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data

## Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. ## Vul ...


CVSS3 - HIGH

CVSS2 - MEDIUM

Security Bulletin: IBM API Connect is impacted by a vulnerability in Apache Xalan Java XSLT library (CVE-2022-34169)

## Summary IBM API Connect is impacted by a vulnerability in Apache Xalan Java XSLT library. IBM API Connect has addressed the vulnerability in CVE-2022-34169. ## Vulnerability Details ** CVEID: **[CV ...


CVSS3 - HIGH

Denial Of Service (DOS)

github.com/mattermost/mattermost-server is vulnerable to denial of service. The vulnerability exists in `user_store.go` because it will send multiple requests to one of the api endpoints which could f ...


CVSS3 - MEDIUM
