A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows ...
Continue Reading
December 15, 2023
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML AP ...
Continue Reading
December 15, 2023
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML AP ...
Continue Reading
December 15, 2023
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation made it possible for an attacker to modify the HTTP request (e.g. to insert a new header) or create ...
Continue Reading
December 15, 2023
Hono is a web framework written in TypeScript. Prior to version 3.11.7, clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a r ...
Continue Reading
December 15, 2023
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e2fb85ce-9a3c-11ee-af26-001b217b3468 advisor ...
Continue Reading
December 15, 2023
Summary IBM MQ has resolved a denial of service vulnerability. Vulnerability Details CVEID: CVE-2023-5072 DESCRIPTION: JSON-java is vulnerable to a denial of service, caused by a bug in the parser. By ...
Continue Reading
December 15, 2023
Impact The clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when ...
Continue Reading
December 15, 2023
Back to Main
