The notification/messaging feature of Silverpeas Core 6.3.1 does not enforce access control on the ID parameter. This allows an attacker to read all messages sent between other users, including those ...
December 15, 2023
Silverpeas Core 6.3.1 and prior are vulnerable to Cross Site Scripting (XSS) via the message/notification ...
December 15, 2023
Zammad is a suite of ticket management software from the German company Zammad. Zammad suffers from an information disclosure vulnerability that stems from the use of the public endpoint /api/v1/signs ...
December 15, 2023
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3687 advisory. RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did ...
December 15, 2023
During the past month, we have observed an increase in the number of malicious ads on Google searches for "Zoom", the popular piece of video conferencing software. Threat actors have ...
December 15, 2023
nuxt-api-party is vulnerable to Denial of Service (DoS). The vulnerability could be exploited via crafting a malicious URL and setting high retry attempts, which allows an attacker to trigger a recurs ...
December 15, 2023
Zammad is a suite of ticket management software from the German company Zammad. Zammad suffers from an information disclosure vulnerability that stems from the use of the public endpoint /api/v1/signs ...
December 15, 2023
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through ...
December 15, 2023