K000139525: Libexpat vulnerability CVE-2022-43680

Security Advisory Description In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. (CVE-2 ...

Continue Reading

May 24, 2024

Sensitive Information Disclosure

ezsystems/ezpublish-kernel is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the REST API potentially disclosing the names of all available site...Read More ...

Continue Reading

May 24, 2024

CVE-2024-35232

github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP re ...

Continue Reading

May 24, 2024

CVE-2024-35232 github.com/huandu/facebook may expose access_token in error message

github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request and marketing API. access_token can be exposed in error message on fail in HTTP re ...

Continue Reading

May 24, 2024

K000139764: Apache HTTPD vulnerability CVE-2023-38709

Security Advisory Description Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: t ...

Continue Reading

May 24, 2024

Pug allows JavaScript code execution if an application accepts untrusted input

Pug through 3.0.2 allows JavaScript code execution if an application accepts untrusted input for the name option of the compileClient, compileFileClient, or compileClientWithDependenciesTracked functi ...

Continue Reading

May 24, 2024

Debezium UI 2.5 Credential Disclosure

...Read More ...

Continue Reading

May 24, 2024

4BRO Insecure Direct Object Reference / API Information Exposure

...Read More ...

Continue Reading

May 24, 2024

1 8,238 8,239 8,240 8,241 8,242 9,321

Back to Main
Subscribe for the latest news: