A valid, authenticated XCC user with read only access may gain elevated privileges through a specifically crafted API call.
May 01, 2023
## Summary Invalidate session vulnerability identified in IBM Cloud Pak System UI and Rest API at logout. IBM Cloud Pak System has addressed the vulnerability. [CVE-2020-4914] ## Vulnerability Details ** ...
March 31, 2023
Gitlab reports:
- Cross-site scripting in "Maximum page reached" page
- Private project guests can read new changes using a fork
- Mirror repository error reveals password in Settings UI
- DOS and high resour ...

March 31, 2023
## Summary IBM Business Automation Workflow packages a copy of the Apache Kafka client library. A security vulnerability has been reported for the same version of Apache Kafka. ## Vulnerability Details ** CV ...
March 31, 2023
Mattermost allows an attacker to request a preview of an existing message when creating a new message via the createPost API call, disclosing the contents of the linked message.
March 31, 2023
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 54006796-cf7b-11ed-a5d5-001b217b3468 advisor ...
March 31, 2023
## Description ### Impact The secure view feature of the rich documents app can be bypassed by using unprotected internal API endpoint of the rich documents app. ### Patches It is recommended that the ...
March 31, 2023
A vulnerability has been found in IBOS up to 4.5.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=email/api/mark&op=delFromSend. The manipul ...
March 31, 2023