JVN#76024879: PowerCMS XMLRPC API vulnerable to command injection

PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability ([CWE-74]()). Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Per ...

Continue Reading
elrond-go MultiESDTNFTTransfer call on a SC address with missing function name

### Impact Anyone who uses elrond-go to process blocks (historical or actual) that contains a transaction like this: `MultiESDTNFTTransfer@01@54444558544b4b5955532d323631626138@00@0793afc18c8da2ca@` ( ...

Continue Reading
elrond-go MultiESDTNFTTransfer call on a SC address with missing function name

### Impact Anyone who uses elrond-go to process blocks (historical or actual) that contains a transaction like this: `MultiESDTNFTTransfer@01@54444558544b4b5955532d323631626138@00@0793afc18c8da2ca@` ( ...

Continue Reading
Introducing Qualys Threat Research Thursdays

Welcome to the first edition of the Qualys Research Team’s “Threat Research Thursday” where we collect and curate notable new tools, techniques, procedures, threat intelligence, cybersecurity news, ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - HIGH

CVE-2022-1902

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Continue Reading
CVE-2022-2238

A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. This flaw allows an attacker t ...

Continue Reading
CVE-2022-34372

Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact with the docker registr ...

Continue Reading
Security update for python-M2Crypto (important)

An update that fixes one vulnerability is now available. Description: This update for python-M2Crypto fixes the following issues: - CVE-2020-25657: Fixed Bleichenbacher timing attacks in the RSA ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

Back to Main

Subscribe for the latest news: