The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform s ...
August 07, 2024
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5083 advisory. Red Hat OpenStack Platform provides the facilities f ...
August 07, 2024
Vulnerability Details. Affected Vendor: Journyx; Affected Product: Journyx (jtime); Affected Version: 11.5.4; Platform: GNU/Linux; CWE Classification: CWE-611: Improper Restriction of XML External Enti ...
August 07, 2024
Vulnerability Details. Affected Vendor: Open WebUI; Affected Product: Open WebUI; Affected Version: 0.1.105; Platform: Debian 12; CWE Classification: CWE-22: Improper Limitation of a Pathname to a ...
August 07, 2024
github.com/alexxit/go2rtc is vulnerable to DOM-based cross-site scripting (XSS). The vulnerability is due to the lack of input sanitization when appending API data using innerHTML in the index page (i ...
August 07, 2024
REXML is vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of proper entity expansion limits in its XML parsing with SAX2 or pull parser API. The vulnerability allows for exces ...
August 07, 2024
The weave server API is vulnerable to Improper Input Validation. The vulnerability is caused due to a missing validation while fetching files from a remote directory for allowed file paths. This allow ...
August 07, 2024