Security Bulletin: Vulnerability in Enterprise Security API for Java affects IBM Process Mining WS-2023-0429

Summary: There is a vulnerability in Enterprise Security API for Java that could allow a remote attacker to steal cookie-based authentication credentials on the system. The code is used by IBM Process ...

CVE-2024-23449

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that at ...

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared ...

CVE-2024-0913

The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to time-based SQL Injection via the erp/v1/accountin ...

CVE-2024-2476

The OceanWP theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the load_theme_panel_pane function in all versions up to, and including, 3.5.4. This m ...

Authorization Bypass

Grafana vulnerable to Authorization Bypass Through User-Controlled Key. The vulnerability is due to insufficient validation of organization IDs in the DeleteDashboardSnapshot within dashboard_snapshot ...

Exploit for CVE-2024-1698

CVE-2024-1698 Exploit Script - WordPress NotificationX <= 2.8.2 - SQL Injection. This is an exploit script to find out the WordPress admin's username and password hash by exploiting CVE-2024-16 ...
