### Impact
An attacker with access to a token with few or no scopes can query `/api/0/api-tokens/` for a list of all tokens created by a user, including tokens with greater scopes, and use those token ...
August 09, 2023
## Summary
This fix upgrades to node 18.16.1.
## Vulnerability Details
**CVEID:** CVE-2023-30584
**DESCRIPTION:** Node.js could allow a remote attacker to bypass security restrictions, caused by ...
August 09, 2023
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
August 08, 2023
In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 it is possible for an authenticated user with project owner or project user admin access to generate an API key with the privileges ...
August 08, 2023
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD 2211, endpoints allow an attacker to access information which would otherwise be restricted. On suc ...
August 08, 2023
The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it pos ...
August 08, 2023