API - API Security Blog

Exploit for Cross-site Scripting in Cpanel

Badges ## License [MIT](https://choosealicense.com/licenses/mit/) ## Installation 1. Install Python3 and pip [Instructions Here](https://www.python.org/downloads/) (If you can&#x ...

April 21, 2024

RHEL 5 : tomcat6 (RHSA-2011:0348)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0348 advisory. JDK Double.parseDouble Denial-Of-Service ...

April 21, 2024

CVE-2024-31450

Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. The Owncast application exposes an administrator API at the URL /api/admin. The emoji/delete en ...

April 21, 2024

BIT-airflow-2024-31869

Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "no ...

April 21, 2024

CVE-2024-29030

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /api/resource that allows authenticated users to enumerate the internal...Read More ...

April 20, 2024

CVE-2024-29029

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and ret ...

April 20, 2024

[SECURITY] Fedora 40 Update: gnutls-3.8.5-1.fc40

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access t ...

April 20, 2024

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : tomcat (SUSE-SU-2024:1345-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1345-1 advisor ...

April 19, 2024