SpEL Injection in PUT /api/v1/policies (GHSL-2023-252) Please note, only authorized and admin role users have access to PUT / POST APIS for /api/v1/policies. Non authenticated users will not be able t ...
Continue Reading23 апреля, 2024
Security Advisory Description CVE-2024-21011 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported ...
Continue Reading23 апреля, 2024
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f04c2ec90b advisory. pgAdmin <= 8.4 is affected by a Remote Code Executio ...
Continue Reading23 апреля, 2024
Summary Node.js is used by IBM App Connect Enterprise Certified Container as one of the main runtimes. IBM App Connect Enterprise Certified Container operands are vulnerable to loss of confidentiality ...
Continue Reading23 апреля, 2024
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakne ...
Continue Reading23 апреля, 2024
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (6cdabf6ac5434305cb152ee0eaf4d9cbac6f1de324ae91052537dc8fcfa94410) Any computer that has this package installed or running sh ...
Continue Reading23 апреля, 2024
Talos Vulnerability Report TALOS-2024-1957 OFFIS DCMTK DVPSSoftcopyVOI_PList::createFromImage incorrect type conversion vulnerability April 23, 2024 CVE Number CVE-2024-28130 SUMMARY An incorrect type ...
Continue Reading23 апреля, 2024
The version of cri-o installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1708 advisory. A vulnerabilit ...
Continue Reading23 апреля, 2024
Back to Main