Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in /api/monitors/import. This vulnerability is fixed in...Read More ...
Continue Reading
August 21, 2024
A vulnerability classified as critical has been found in chillzhuang SpringBlade 4.1.0. Affected is an unknown function of the file /api/blade-system/menu/list?updatexml. The manipulation leads to sql ...
Continue Reading
August 21, 2024
KubePi may allow unauthorized access to system API in...Read More ...
Continue Reading
August 21, 2024
KubePi allows malicious actor to login with a forged JWT token via Hardcoded Jwtsigkeys in...Read More ...
Continue Reading
August 21, 2024
Consul Server Panic when Ingress and API Gateways Configured with Peering Connections in...Read More ...
Continue Reading
August 21, 2024
Argo CD authenticated but unauthorized users may enumerate Application names via the API in...Read More ...
Continue Reading
August 21, 2024
HashiCorp Consul Cross-site Scripting vulnerability in...Read More ...
Continue Reading
August 21, 2024
Dapr API token authentication bypass in HTTP endpoints in...Read More ...
Continue Reading
August 21, 2024
Back to Main
