 Rapid7 is tracking a new, more sophisticated and staged campaign using ...
July 13, 2023
Spring Framework 6.1 M2 introduces the `RestClient`, a new synchronous HTTP client. As the name suggests, `RestClient` offers the fluent API of `WebClient` with the infrastructure of `RestTemplate`. F ...
July 13, 2023
An insufficient session expiration [CWE-613] vulnerability in FortiOS REST API may allow an attacker to reuse the session of a deleted user, should the attacker manage to obtain the API token.
July 13, 2023
IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubernetes API server that enables a user to bypass the mountable secrets policy enforced by the ServiceAccount a ...
July 13, 2023
According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information.
July 13, 2023
Jenkins Pipeline restFul API Plugin 0.11 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows atta ...
July 13, 2023
Jenkins Pipeline restFul API Plugin 0.11 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows atta ...
July 12, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline restFul API Plugin 0.11 and earlier allows attackers to connect to an attacker-specified URL, capturing a newly generated JCLI...
July 12, 2023