pgAdmin is vulnerable to Remote Code Execution (RCE). The vulnerability is due to improper validation within the binary path API, which allows attackers to execute arbitrary code on the...
April 06, 2024
gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to Cross-Site Request Forgery. The /api/config endpoint allows one to modify the existing configuration with user-sup ...
April 05, 2024
A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event...
April 05, 2024
Webhood is a self-hosted URL scanner used for analyzing phishing and malicious sites. Webhood's backend container images in versions 0.9.0 and earlier are subject to Missing Authentication for Critic ...
April 05, 2024
A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to g ...
April 05, 2024
Summary: The DELETE /api/snapshots/{key} endpoint allows any Grafana user to delete snapshots if the user is NOT in the organization of the snapshot. Details: An attacker (a user without organization aff ...
April 05, 2024
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-4685-2x5r-65pj. This link is maintained to preserve external references. Original Description: It was discovered th ...
April 05, 2024