Today, Microsoft is excited to publish our second edition of [**Cyber Signals**](), spotlighting security trends and insights gathered from Microsofts 43 trillion security signals and 8,500 security ...
Continue Reading22 августа, 2022
A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest ...
Continue Reading22 августа, 2022
A flaw was found in Foreman project. A credential leak was identified which will expose Azure Compute Profile password through JSON of the API output. The highest threat from this vulnerability is to ...
Continue Reading22 августа, 2022
Tabit - arbitrary SMS send on Tabits behalf. The resend OTP API of tabit allows an adversary to send messages on tabits behalf to anyone registered on the system - the API receives the parameters: pho ...
Continue Reading22 августа, 2022
Tabit - sensitive information disclosure. Several APIs on the web system display, without authorization, sensitive information such as health statements, previous bills in a specific restaurant, alcoh ...
Continue Reading22 августа, 2022
Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to quer ...
Continue Reading22 августа, 2022
## Summary IBM has announced a release for IBM Security Verify Governance (ISVG) in response to security vulnerabilities. The vulnerabilities are caused by Node.js which is vulnerable to multiple thre ...
Continue Reading22 августа, 2022
Today, Microsoft is excited to publish our second edition of [**Cyber Signals**](), spotlighting security trends and insights gathered from Microsofts 43 trillion security signals and 8,500 security ...
Continue Reading22 августа, 2022
Back to Main