CVE-2024-1892

Parts of the Scrapy API were found to be vulnerable to a ReDoS attack. Handling a malicious response could cause extreme CPU and memory usage during the parsing of its content, due to the use of vulne ...

Magento LTS vulnerable to stored XSS in admin file form

Summary: OpenMage is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Details: Mag ...

SuperStoreFinder – Multiple Vulnerabilities

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to CVE-2023-46158 and CVE-2023-44483 used in IBM Maximo Application Suite – Monitor Component

Summary: IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2023-46158 and CVE-2023-44483. This bulletin identifies the steps to t ...

K000138731 : Linux vulnerability CVE-2023-3776

Security Advisory Description: A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, ...

CVE-2024-25723

ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on t ...

SuperStoreFinder 3.7 XSS / CSRF / Command Execution

An educational robot security research

In the modern world, we are surrounded by a multitude of smart devices that simplify our daily lives: smart speakers, robotic vacuum cleaners, automatic pet feeders and even entire smart homes. Toy ma ...
