# Description A unauthenticated user can download, view the details and resources, and retrieve individual pages of any book in the system without any kind of authorization or authentication verificat ...
Continue ReadingAugust 08, 2022
# Description A unauthenticated user can delete any book item of any user reading list in the system without any authentication or authorization verification, via the `/api/readinglist/delete-item` AP ...
Continue ReadingAugust 08, 2022
_The old way of ranking vulnerabilities doesnt work anymore. Instead, enterprise security teams need to rate the true risks to their business. In this blog, we examine each of the risk scores delive ...
Continue ReadingAugust 08, 2022
This Metasploit module exploits CVE-2022-28219, which is a pair of vulnerabilities in ManageEngine ADAudit Plus versions before build 7060. They include a path traversal in the /cewolf endpoint along ...
Continue ReadingAugust 08, 2022
Post ContentRead More ...
Continue ReadingAugust 08, 2022
In a new critical security advisory, [VMSA-2022-0021](), VMWare describes multiple vulnerabilities in several of its products, one of which has a [CVSS]() score of 9.8. Exploiting these vulnerabilitie ...
Continue ReadingAugust 08, 2022
_This blog post was authored by Ankur Saini and Hossein Jazi_ The Malwarebytes Threat Intelligence team has identified a new Remote Access Trojan we are calling Woody Rat that has been in the wild for ...
Continue ReadingAugust 08, 2022
An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab ...
Continue ReadingAugust 06, 2022
Back to Main