Summary: IBM Sterling B2B Integrator uses Apache Commons BeanUtils. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2014-0114 DESCRIPTION ...
April 18, 2024
Summary: IBM Aspera Faspex 5.0.8 has addressed multiple encryption vulnerabilities (CVE-2023-22869, CVE-2023-37396, CVE-2023-27279, CVE-2023-37395, CVE-2023-37397, CVE-2022-40745). Vulnerability Details ...
April 18, 2024
Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "no ...
April 18, 2024
Security Advisory Description A flaw was found in the Tomcat package of OpenSUSE and derived distributions. This issue occurs due to incorrect permissions and a race condition in the %post section of ...
April 18, 2024
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordf ...
April 18, 2024
Judge0 is an open-source online code execution system. The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server Side Request Forgery (SSRF). This allows an atta ...
April 18, 2024
Tolgee is an open-source localization platform. When an API key created by an admin user is used, it bypasses the permission check entirely. This error was introduced in v3.57.2 and immediately fixed in...Read ...
April 18, 2024
Tolgee is an open-source localization platform. For the /v2/projects/translations and /v2/projects/{projectId}/translations endpoints, translation data was returned even when the API key was missing trans ...
April 18, 2024