K000139590 : MySQL Server vulnerabilities CVE-2024-20994, CVE-2024-21015, CVE-2024-21050, and CVE-2024-21057

Security Advisory Description CVE-2024-20994 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.36 and pr ...

Exploit for CVE-2024-26026

CVE-2024-26026 BIG-IP Next Central Manager API UNAUTHENTICATED SQL INJECTION link:...

Ongoing Malvertising Campaign leads to Ransomware

Executive Summary Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to ...

Directus allows redacted data extraction on the API through “alias”

Summary A user with permission to view any collection using redacted hashed fields can get access to the raw stored version using the alias functionality on the API. Normally, these redacted fields will ...

@valtimo/components exposes access token to form.io

Impact When opening a form in Valtimo, the access token (JWT) of the user is exposed to api.form.io via the x-jwt-token header. An attacker can retrieve personal information from this token, or us ...

JVN#28869536: Multiple vulnerabilities in Cybozu Garoon

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Improper handling of data in Mail (CWE-231) CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Base Score 4.9 CVE-2024 ...

RHEL 5 : samba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. samba: s ...
