NIOHTTP1 and projects using it for generating HTTP responses can be subject to a HTTP Response Injection attack. This occurs when a HTTP/1.1 server accepts user generated input from an incoming reques ...
Continue Reading
September 28, 2022
Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit ...
Continue Reading
September 28, 2022
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.Read More ...
Continue Reading
September 28, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to ins ...
Continue Reading
September 28, 2022
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing authentication allows for full access via API.Read More ...
Continue Reading
September 28, 2022
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could utilize an improper input validation on an API-submitted parameter to exe ...
Continue Reading
September 28, 2022
The Bytebase application does not restrict low privilege user to access admin projects for which an unauthorized user can view the projects created by Admin and the affected endpoint i ...
Continue Reading
September 28, 2022
[
Back to Main
