Microsoft has wrapped up the year with fewer security updates released in its Patch Tuesday, December 2023 edition. We invite you to join us to review and discuss the details of these security updates ...
Continue Reading15 декабря, 2023
EspoCRM is an Open Source CRM (Customer Relationship Management) software. In affected versions there is Server-Side Request Forgery (SSRF) vulnerability via the upload image from url api. Users who h ...
Continue Reading15 декабря, 2023
Zammad is a suite of ticket management software from the German company Zammad. Zammad suffers from an information disclosure vulnerability that stems from the use of the public endpoint /api/v1/signs ...
Continue Reading15 декабря, 2023
SpringBlade is a comprehensive project upgraded and optimized from a commercial-grade project, featuring both a SpringCloud distributed microservice architecture and a SpringBoot monolithic microservi ...
Continue Reading15 декабря, 2023
Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF027 and 23.0.1-IF005. This bulletin identifies the steps to take to address the vulnerabilit ...
Continue Reading15 декабря, 2023
Summary There are security vulnerabilities in IBM WebSphere Application Server Liberty used by IBM License Metric Tool. Vulnerability Details ** CVEID: CVE-2023-44483 DESCRIPTION: **Apache Santuario ...
Continue Reading15 декабря, 2023
Gitlab reports: Smartcard authentication allows impersonation of arbitrary user using user's public certificate When subgroup is allowed to merge or push to protected branches, subgroup members w ...
Continue Reading15 декабря, 2023
SUMMARY The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Ser ...
Continue Reading15 декабря, 2023
Back to Main