A relative path traversal vulnerability [CWE-23] in FortiWeb may allow an authenticated attacker to obtain unauthorized access to files and data via specifically crafted HTTP GET requests.
February 17, 2023
A relative path traversal vulnerability [CWE-23] in the API of FortiWeb may allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web request ...
February 17, 2023
# Description
Joomla has provided the Rest API since version 4.0. These APIs need to provide authentication information when accessing, but if public is added to the request parameters when accessing ...
February 17, 2023
# Thursday February 16 2023 Security Releases
by Michael Dawson, 2023-02-16
# _(Update 16-February-2023)_ Security releases available
Updates are now available for the v19.x, v18.x, v16.x, and v14.x N ...
February 17, 2023
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0208 advisory. - In Splunk Enterprise versi ...
February 17, 2023
### Impact
All Argo CD versions starting with v2.3.0-rc1 are vulnerable to an improper authorization bug which allows users who have the ability to update at least one cluster secret to update any clu ...
February 16, 2023
A flaw was found in ArgoCD. An improper authorization bug may allow an attacker to update at least one cluster secret, enabling them to change any other cluster secret. The attacker must know the URL ...
February 16, 2023
Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access.
February 16, 2023