Microsoft and Adobe Patch Tuesday, December 2023 Security Update Review

Microsoft has wrapped up the year with fewer security updates released in its Patch Tuesday, December 2023 edition. We invite you to join us to review and discuss the details of these security updates ...

Continue Reading
BIT-espocrm-2023-46736

EspoCRM is an Open Source CRM (Customer Relationship Management) software. In affected versions there is Server-Side Request Forgery (SSRF) vulnerability via the upload image from url api. Users who h ...

Continue Reading
Zammad Information Disclosure Vulnerability (CNVD-2023-9769727)

Zammad is a suite of ticket management software from the German company Zammad. Zammad suffers from an information disclosure vulnerability that stems from the use of the public endpoint /api/v1/signs ...

Continue Reading
SpringBlade – Information Leakage

SpringBlade is a comprehensive project upgraded and optimized from a commercial-grade project, featuring both a SpringCloud distributed microservice architecture and a SpringBoot monolithic microservi ...

Continue Reading
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for November 2023.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF027 and 23.0.1-IF005. This bulletin identifies the steps to take to address the vulnerabilit ...

Continue Reading
Security Bulletin: Security vulnerabilities have been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9.

Summary There are security vulnerabilities in IBM WebSphere Application Server Liberty used by IBM License Metric Tool. Vulnerability Details ** CVEID: CVE-2023-44483 DESCRIPTION: **Apache Santuario ...

Continue Reading
Gitlab — vulnerabilities

Gitlab reports: Smartcard authentication allows impersonation of arbitrary user using user's public certificate When subgroup is allowed to merge or push to protected branches, subgroup members w ...

Continue Reading
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally

SUMMARY The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Ser ...

Continue Reading

Back to Main

Subscribe for the latest news: