@cubejs-backend/api-gateway row level security bypass

Impact: All authenticated Cube clients could bypass row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. Patches: The change has been reverted in 0.31.24 ...

Can ChatGPT be used to attack your APIs? | API Security Newsletter

The (winter) solstice is fast approaching, along with the end-of-year holidays - before we know it, it'll be 2023 already! And with the fall behind us, our hive has been busy putting the finishing tou ...

Operationalizing Qualys VMDR With Qualys TruRisk™ – Part 1

For today’s CISOs, managing cyber risk is the number-one priority, and it’s a full-time concern. Security practitioners are spending a considerable amount of time responding to cybersecurity threats ...

CVE-2022-3880

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Improper Control of Generation of Code (‘Code Injection’)

Akeneo PIM is an open source Product Information Management (PIM) system. Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allow remote authenticated users to execute arbitrary PHP code on ...

IIS modules: The evolution of web shells and how to detect them

Web exploitation and web shells are some of the most common entry points in the current threat landscape. Web servers provide an external avenue directly into your corporate network, which often resul ...

CVE-2022-37919

A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can exploit this condition via the web-based management interface to create a denial-of-service condition ...
