### Impact Users with host file system access on a node and the privileges to run as group ID 1000 can gain access to the per node API of Cilium via Unix domain socket on the host where Cilium is runn ...
Continue ReadingMay 30, 2022
A vulnerability classified as critical has been found in Cardo Systems Scala Rider Q3. Affected is the file /cardo/api of the Cardo-Updater. Unauthenticated remote code execution with root permissions ...
Continue ReadingMay 30, 2022
### Impact XWiki Crypto API will generate X509 certificates signed by default using SHA1 with RSA, which is not considered safe anymore for use in certificate signatures, due to the risk of collisions ...
Continue ReadingMay 30, 2022
The `ctx` hosted project on [PyPI](https://pypi.org/project/ctx/) was taken over via user account compromise and replaced with a malicious project which contained runtime code that collected the cont ...
Continue ReadingMay 30, 2022
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file ...
Continue ReadingMay 30, 2022
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthentica ...
Continue ReadingMay 30, 2022
### Impact Previous version of Guzzle contain a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets th ...
Continue ReadingMay 30, 2022
Found **api[.]dom-ua.online** in [RST Threat Feed](https://rstc...Read More ...
Continue ReadingMay 30, 2022
Back to Main