Impact A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in the API Server's public API endpoint can be exploited. This can lead to an attacker exploiting th ...
Continue Reading
February 08, 2024
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): runc: file descriptor leak (CVE-2024-21626) For more details about ...
Continue Reading
February 08, 2024
A Kickoff Discussion on Core Aspects of Avro & Protobuf When deliberating on the subject of data structure encoding, a tandem of tools frequently emerges in technical discussions: Avro and Pro ...
Continue Reading
February 08, 2024
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have ...
Continue Reading
February 08, 2024
TL;DR Livall smart ski and bike helmet app leaks the wearers real time position Group audio chat allows snooping on conversations Both issues are due to missing authorisation Bike app affects ~1 mill ...
Continue Reading
February 08, 2024
TL;DR Livall smart ski and bike helmet app leaks the wearers real time position Group audio chat allows snooping on conversations Both issues are due to missing authorisation Bike app affects ~1 mill ...
Continue Reading
February 08, 2024
A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CS ...
Continue Reading
February 08, 2024
Affected packages The vulnerability has been discovered in the core HTML parsing module and may affect all editor instances that: * Enabled full-page editing mode, * or enabled CDATA elements in Advan ...
Continue Reading
February 08, 2024
Back to Main
