opentsdb is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the insufficient validation of parameters reflected in error messages in the `internalError` and `badRequest` func ...
May 11, 2023
onos-api is vulnerable to Cross Site Scripting. The vulnerability exists due to the vulnerable swagger dependency used in the library since it does not properly sanitize the `authorizationUrl`, which ...
May 11, 2023
in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from dir ...
May 11, 2023
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2cf9dd7d52 advisory. - There is a NULL pointer dereference vulnerability in VTK ...
May 11, 2023
# Trucking on with DotDumper By Max Kersten · May 11, 2023 On the 11th of August 2022, the initial public version of DotDumper was released. A brief refresh: DotDumper is an open-source automatic u ...
May 11, 2023
A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers to read arbitrary files on the server via the path parameter. ...
May 11, 2023
The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2097-1 advisory. - In logback version 1.2.7 and ...
May 10, 2023
in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from dir ...
May 10, 2023