API-powered tools can enhance patient access to healthcare services, but these tools also introduce risk. Learn how to protect your...
May 03, 2024
An issue was discovered in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happ ...
May 03, 2024
Security Advisory Description: A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. T ...
May 03, 2024
TwoNav 2.1.13 contains an SSRF vulnerability via the url parameter to index.php?c=api&method=read_data&type=connectivity_test (which reaches...
May 03, 2024
Dump secrets inline: This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module to reduce the footprint when dumping SAM hashes, LSA secrets a ...
May 03, 2024
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form...
May 03, 2024
In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context (where the Jolokia JMX REST API and the Message REST API are located). It means that anyone can use these laye ...
May 03, 2024
NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR Orbi 760 routers. Auth ...
May 03, 2024