Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it.Read More ...
Continue Reading
September 23, 2022
Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable ...
Continue Reading
September 23, 2022
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3333-1 advisory. - A path traversal vulnerability in KubeVirt ...
Continue Reading
September 23, 2022
# CVE-2022-36804-POC A critical vulnerability (CVE-2022-36804) i...Read More ...
Continue Reading
September 23, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading
September 23, 2022
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3321-1 advisory. - A path traversal vulnerability in KubeVirt ...
Continue Reading
September 22, 2022
# Description Improper access to an API endpoint`AddUserToRole` can allow a regular user to escalate his privileges to be an admin # Infected code ``` [Authorize(Roles = Roles.User)] [HttpPost] ...
Continue Reading
September 22, 2022
## The spikes are coming September is nearly over, and Black Friday, Cyber Monday, Thanksgiving, Hanukkah, Halloween, Super Saturday, and the festive season will soon be upon us. With the holidays com ...
Continue Reading
September 22, 2022
Back to Main
