Information Disclosure

github.com/cilium/cilium is vulnerable to Information Disclosure. The vulnerability exists due to the lack of namespace checks for TLS secret references in the Gateway API, which allows an attacker to ...

Continue Reading

June 27, 2023

Arbitrary File Upload

zoujingli/thinkadmin is vulnerable to Arbitrary File Upload. The vulnerability exists because the library does not properly validate files uploaded via `api/upload.php`, which allows an attacker to by ...

Continue Reading

June 27, 2023

Azure Apache Ambari 2302250400 – Spoofing

Post ContentRead More ...

Continue Reading

June 27, 2023

CVSS3 - MEDIUM

CVSS2 - LOW

CVE-2023-34421

A valid, authenticated LXCA user with elevated privileges may be able to replace filesystem data through a specifically crafted web API call due to insufficient input...Read More ...

Continue Reading

June 26, 2023

CVE-2023-35930

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Any user making a negative authorization decision based on the ...

Continue Reading

June 26, 2023

CVE-2023-34422

A valid, authenticated LXCA user with elevated privileges may be able to delete folders in the LXCA filesystem through a specifically crafted web API call due to insufficient input...Read More ...

Continue Reading

June 26, 2023

CVE-2023-34418

A valid, authenticated LXCA user may be able to gain unauthorized access to events and other data stored in LXCA due to a SQL injection vulnerability in a specific web...Read More ...

Continue Reading

June 26, 2023

CVE-2023-2993

A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the ...

Continue Reading

June 26, 2023

1 8,832 8,833 8,834 8,835 8,836 9,321

Back to Main
Subscribe for the latest news: