Cross-Site Request Forgery (CSRF) vulnerability leading to API Key Update discovered by Rasi Afeef (Patchstack Alliance) in WordPress GetResponse plugin (versions Read More ...
Continue ReadingSeptember 01, 2022
[![Android and iOS Apps](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhG7AO2QCQiJeV51vhRxEgKY0CYtXlVSOswll8I411Uc1WtO_9bov32tKyQxEleEoK2Uuca-9dAZlfkxSLCKe1HEq-uINGcJoAasjARxTLWGnc3CtbPAlu ...
Continue ReadingSeptember 01, 2022
# ?? Casdoor ????? OAuth 2.0 / OIDC ??????????SSO???????????????...Read More ...
Continue ReadingSeptember 01, 2022
Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the background file download API.Read More ...
Continue ReadingAugust 31, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue ReadingAugust 31, 2022
## Summary Security vulnerabilities have been addressed in IBM Cognos Analytics 11.2.3. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.1.7 FP5 where applicable. M ...
Continue ReadingAugust 31, 2022
According to Verizons 2022 Data Breach Investigations Report, web applications remain both the top hacking vector and data breach pattern, accounting for roughly 70% of security incidents. This is b ...
Continue ReadingAugust 31, 2022
There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to der ...
Continue ReadingAugust 31, 2022
Back to Main