Default table permissions in SurrealDB were FULL instead of NONE. This would lead to tables having FULL permissions for SELECT, CREATE, UPDATE and DELETE unless some other permissions were specified v ...
Continue Reading15 декабря, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate information related to ...
Continue Reading15 декабря, 2023
Summary There are security vulnerabilities in IBM WebSphere Application Server Liberty used by IBM License Metric Tool. Vulnerability Details ** CVEID: CVE-2023-44483 DESCRIPTION: **Apache Santuario ...
Continue Reading15 декабря, 2023
Silverpeas Core 6.3.1 and prior are vulnerable to Cross Site Scripting (XSS) via the message/notification...Read More ...
Continue Reading15 декабря, 2023
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with lim ...
Continue Reading15 декабря, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential i ...
Continue Reading15 декабря, 2023
Summary Multiple issues were identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ. Vulnerability Details CVEID: CVE-2023-22081 DESCRIPTION: An unspe ...
Continue Reading15 декабря, 2023
Mattermost fails to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin allowing an attacker to get limited information about a ...
Continue Reading15 декабря, 2023
Back to Main