Security Bulletin: Information disclosure vulnerability in IBM WebSphere Application Server Liberty affects IBM Business Automation Workflow – CVE-2023-44483

Summary: IBM WebSphere Application Server Liberty is shipped as a component of IBM Business Automation Workflow for User Management Services and Process Federation Server. IBM WebSphere Application Ser ...

Directus has MySQL accent insensitive email matching

Password reset vulnerable to accent confusion: The password reset mechanism of the Directus backend is implemented in a way where combined with (specific, need to double check if I can work around) con ...

CVE-2024-27296

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessibl ...

CVE-2024-27295

Directus is a real-time API and App dashboard for managing SQL database content. The password reset mechanism of the Directus backend allows attackers to receive a password reset email of a victim use ...

Code injection

IBM Cloud Pak Foundational Services Identity Provider (idP) API (IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, an ...

CentOS 9 : qemu-kvm-6.1.0-3.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the qemu-kvm-6.1.0-3.el9 build changelog. use-after-free during packet reassembly ...

Mattermost fails to limit the number of role names

Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the ...

Apache Airflow: DAG Code and Import Error Permissions Ignored

Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Us ...
