zenml is vulnerable to Improper Authorization. The vulnerability is due to improper authorization controls in the API PUT /api/v1/users/id endpoint, allowing any authenticated user to modify other use ...
Continue Reading
June 11, 2024
h2o is vulnerable to Sensitive Information Exposure. The vulnerability is due the Typeahead API call which allows an attacker to lookup arbitrary system paths in the entire file system where h2o-3 is. ...
Continue Reading
June 11, 2024
Users with low privileges (just plain users in the realm) are able to utilize administrative functionalities within Keycloak admin interface. This issue presents a significant security risk as it allo ...
Continue Reading
June 11, 2024
Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via se ...
Continue Reading
June 11, 2024
Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via se ...
Continue Reading
June 11, 2024
Document Merge Service is a document template merge service providing an API to manage templates and merge them with given data. Versions 6.5.1 and prior are vulnerable to remote code execution via se ...
Continue Reading
June 11, 2024
A flaw was found in PHP versions 8.1 before 8.1.29, 8.2 before 8.2.20, and 8.3 before 8.3.8. When using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may us ...
Continue Reading
June 11, 2024
A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API. ...
Continue Reading
June 11, 2024
Back to Main
