K000139214 : Apache httpd vulnerability CVE-2024-27316

Security Advisory Description HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending h ...

Continue Reading
Shopware Improper Session Handling in store-api account logout

Impact When a authentificated request is made to POST /store-api/account/logout, the cart will be cleared, but the User won't be logged out. This affects only the direct store-api usage, as the P ...

Continue Reading
Top 3 API Leaks Identified by Cybersecurity & InfoSec Experts

APIs (Application Programming Interfaces) have proliferated widely, which increases their susceptibility to various vulnerabilities. In the realm of web applications, prime examples that stand out are ...

Continue Reading
CVE-2024-31447

Shopware 6 is an open commerce platform based on Symfony Framework and Vue. Starting in version 6.3.5.0 and prior to versions 6.6.1.0 and 6.5.8.8, when a authenticated request is made to POST /store-a ...

Continue Reading
Trojan.Win32.Razy.abc MVID-2024-0678 Insecure Permissions

...Read More ...

Continue Reading
CVE-2021-39943

An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting ...

Continue Reading
CVE-2021-39904

(An Improper Access Control vulnerability in the GraphQL API in all ver...Read More ...

Continue Reading
Rocky Linux 8 : curl (RLSA-2024:1601)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1601 advisory. An information disclosure vulnerability exists in...R ...

Continue Reading

Back to Main

Subscribe for the latest news: