An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error messag ...
Continue Reading15 декабря, 2023
Summary There are security vulnerabilities in IBM WebSphere Application Server Liberty used by IBM License Metric Tool. Vulnerability Details ** CVEID: CVE-2023-44483 DESCRIPTION: **Apache Santuario ...
Continue Reading15 декабря, 2023
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8816029058 advisory. The Jupyter Server provides the backend (i.e. the core serv ...
Continue Reading15 декабря, 2023
During the past month, we have observed an increase in the number of malicious ads on Google searches for "Zoom", the popular piece of video conferencing software. Threat actors have ...
Continue Reading15 декабря, 2023
CVE-2023-5561-PoC WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published ...
Continue Reading15 декабря, 2023
Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/ as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a diffe ...
Continue Reading15 декабря, 2023
Gitlab reports: Smartcard authentication allows impersonation of arbitrary user using user's public certificate When subgroup is allowed to merge or push to protected branches, subgroup members w ...
Continue Reading15 декабря, 2023
SUMMARY The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Ser ...
Continue Reading15 декабря, 2023
Back to Main