During the past month, we have observed an increase in the number of malicious ads on Google searches for "Zoom", the popular piece of video conferencing software. Threat actors have ...
Continue Reading
December 15, 2023
nuxt-api-party is vulnerable to Denial of Service (DoS). The vulnerability could be exploited via crafting a malicious URL and setting high retry attempts, which allows an attacker to trigger a recurs ...
Continue Reading
December 15, 2023
Mattermost fails to perform authorization checks in the /plugins/playbooks/api/v0/runs/add-to-timeline-dialog endpoint of the Playbooks plugin allowing an attacker to get limited information about a ...
Continue Reading
December 15, 2023
SpringBlade is a comprehensive project upgraded and optimized from a commercial-grade project, featuring both a SpringCloud distributed microservice architecture and a SpringBoot monolithic microservi ...
Continue Reading
December 15, 2023
CVE-2023-5561-PoC WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published ...
Continue Reading
December 15, 2023
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with lim ...
Continue Reading
December 15, 2023
An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error messag ...
Continue Reading
December 15, 2023
Summary There are security vulnerabilities in IBM WebSphere Application Server Liberty used by IBM License Metric Tool. Vulnerability Details ** CVEID: CVE-2023-44483 DESCRIPTION: **Apache Santuario ...
Continue Reading
December 15, 2023
Back to Main
