A vulnerability, which was classified as critical, has been found in Bettershop LaikeTui. Affected by this issue is some unknown functionality of the file index.php?module=api&action=user&m=up ...
August 28, 2023
Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive d ...
August 27, 2023
Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker, allowing unauthenticated users to interact with DNS API endpoints. The issue is p ...
August 27, 2023
Server-Side Request Forgery (SSRF) vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https ...
August 27, 2023
A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. The use of the deprecated API `process.binding()` can bypass the pol ...
August 26, 2023
Welcome to the 6th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on [API5:2023 Broken Function L ...
August 26, 2023
The ACL module, short for Access Control Lists, is an API for other modules to create lists of users and give them access to nodes. The module processes user input in a way that could be unsafe. This ...
August 26, 2023
Updates of ['linux-rt', 'python3', 'linux-aws', 'linux', 'linux-secure'] packages of Photon OS have been released.
August 26, 2023