An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML AP ...
Continue Reading
December 15, 2023
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8816029058 advisory. The Jupyter Server provides the backend (i.e. the core serv ...
Continue Reading
December 15, 2023
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation made it possible for an attacker to modify the HTTP request (e.g. to insert a new header) or create ...
Continue Reading
December 15, 2023
Telegram Nearby Map uses OpenStreetMap and the official Telegram library to find the position of nearby users. Please note: Telegram's API was updated a while ago to make nearby user distances le ...
Continue Reading
December 15, 2023
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3687 advisory. RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did ...
Continue Reading
December 15, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential i ...
Continue Reading
December 15, 2023
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4.0, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through ...
Continue Reading
December 15, 2023
The notification/messaging feature of Silverpeas Core 6.3.1 does not enforce access control on the ID parameter. This allows an attacker to read all messages sent between other users; including those ...
Continue Reading
December 15, 2023
Back to Main
