Impact The clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when ...
Continue Reading
December 15, 2023
Impact The clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when ...
Continue Reading
December 15, 2023
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation made it possible for an attacker to modify the HTTP request (e.g. to insert a new header) or create ...
Continue Reading
December 15, 2023
Let's begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum? S ...
Continue Reading
December 15, 2023
Default table permissions in SurrealDB were FULL instead of NONE. This would lead to tables having FULL permissions for SELECT, CREATE, UPDATE and DELETE unless some other permissions were specified v ...
Continue Reading
December 15, 2023
Summary Multiple issues were identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ. Vulnerability Details CVEID: CVE-2023-22081 DESCRIPTION: An unspe ...
Continue Reading
December 15, 2023
Cube is a semantic layer for building data applications. Prior to version 0.34.34, it is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoi ...
Continue Reading
December 15, 2023
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3687 advisory. RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did ...
Continue Reading
December 15, 2023
Back to Main
