Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4685-2x5r-65pj. This link is maintained to preserve external references. Original Description It was discovered th ...
April 05, 2024
Improper Access Control in Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 lacked proper access control in the /api/v4/users/me/teams endpoin ...
April 05, 2024
Impact Note: "Pebble" here refers to Canonical's service manager, not the Let's Encrypt ACME test server. The API behind pebble pull, used to read files from the workload c ...
April 05, 2024
Name: ASA-2024-007: Potential Reentrancy using Timeout Callbacks in ibc-hooks Component: ibc-go Criticality: Critical (ACMv1: I:Critical; L:AlmostCertain) Affected versions: < v4.6.0, < ...
April 05, 2024
An update is available for opencryptoki. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulne ...
April 05, 2024
On February 1st, 2024, during our Bug Bounty Extravaganza, we received a submission for an Arbitrary File Upload vulnerability in Management App for WooCommerce, a WordPress plugin with 1,000+ active ...
April 05, 2024
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident ...
April 05, 2024
github.com/ossrs/srs is vulnerable to Cross-Site Scripting. The vulnerability is due to insufficient input validation on the /api/v1/vhosts/vid-?callback= endpoint. This allows the injection of mali ...
April 05, 2024