Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Use ...
Continue Reading
January 23, 2024
Android App "Spoon" provided by Spoon Radio Japan Inc. uses a hard-coded API key for an external service (CWE-798). ## Impact The hard-coded API key may be retrieved when the applica ...
Continue Reading
January 23, 2024
Issue Overview: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through Oct ...
Continue Reading
January 23, 2024
Issue Overview: It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be u ...
Continue Reading
January 23, 2024
Issue Overview: Impact: Visiting a website that frames malicious content may lead to UI spoofing. Description: The issue was addressed with improved UI handling. (CVE-2022-32919) A website may be able ...
Continue Reading
January 23, 2024
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0105 advisory. In Splunk Enterprise versions ...
Continue Reading
January 23, 2024
Issue Overview: It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be u ...
Continue Reading
January 23, 2024
Issue Overview: Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8 ...
Continue Reading
January 23, 2024
Back to Main
