The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0607-1 advisor ...
February 24, 2024
Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detec ...
February 24, 2024
SQL Injection vulnerability in CRMEB crmeb_java v.1.3.4 and before allows a remote attacker to obtain sensitive information via the latitude and longitude parameters in the api/front/store/list...Read ...
February 24, 2024
Security Advisory Description A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the pki_verify_data_signature function in memory allocation ...
February 24, 2024
Fiber is a web framework written in Go. Prior to version 2.52.1, the CORS middleware allows for insecure configurations that could potentially expose the application to multiple CORS-related vulnerabi ...
February 23, 2024
Security Advisory Description CVE-2024-20964 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.35 and ...
February 23, 2024
Security Advisory Description Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash, leading to a potential Denial of Service attack. Impact summary: Applications loadi ...
February 23, 2024
Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams underst ...
February 23, 2024