CVE-2024-31206

dectalk-tts is a Node package to interact with the aeiou Dectalk web API. In [email protected], network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic ca ...

CVE-2024-29192

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to Cross-Site Request Forgery. The /api/config endpoint allows one to modify the existing configuration with user-sup ...

CVE-2024-29193

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The index page (index.html) shows the available streams by fetching the API ([0]) ...

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 25, 2024 to March 31, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordf ...

CSI plugin names disclosure in github.com/hashicorp/nomad

A vulnerability was identified in Nomad such that the search HTTP API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. This vulnerability aff ...

API token secret ID leak to Sentinel in github.com/hashicorp/nomad

A vulnerability exists in Nomad where the API caller's ACL token secret ID is exposed to Sentinel ...

pgAdmin Remote Code Execution (RCE) vulnerability

pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server host ...

CVE-2024-3250

It was discovered that Pebble's read-file API and the associated pebble pull command, before v1.10.2, allowed unprivileged local users to read files with root-equivalent permissions when Pebble w ...
