What’s New in InsightIDR: Q2 2022 in Review

![What's New in InsightIDR: Q2 2022 in Review](https://blog.rapid7.com/content/images/2022/07/insightidr-q2-2022.jpg) This Q2 2022 recap post takes a look at some of the latest investments we've made ...

Improper handling of parameter leads to listing any directory

# Description In the `file-manager/list` API, the server does not handle `path` parameters properly, which allows listing any directory. To exploit, use double URL encoding to bypass filter. # Proof of ...

CVE-2022-2227

Improper access control in the runner jobs API in GitLab CE/EE affecting all versions prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows a previous maintainer of a project with a ...

Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwr ...

CVE-2022-30619

Editable SQL queries behind Base64 encoding are sent from the client side to the server side for a particular API used in the legacy Work Center module. The attack is available for any authenticated user, i ...

CVE-2022-32290

The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional ...

CVE-2021-46687

JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactor ...

CVE-2021-45721

JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of the XHR parameters in Users REST API endpoint. This issue affects: JFrog JFro ...
