A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vu ...
Continue ReadingNovember 18, 2024
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception dur ...
Continue ReadingNovember 18, 2024
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception dur ...
Continue ReadingNovember 18, 2024
The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and outpu ...
Continue ReadingNovember 16, 2024
The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and outpu ...
Continue ReadingNovember 16, 2024
The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and outpu ...
Continue ReadingNovember 16, 2024
CVE-2022-39275 POC for CVE-2022-39275. Resources for the advisory: NIST NVD CVE.org Github Security Advisory This is a fork of commit hash: 47f9f5fb29be2b5892c79ace4f23022f397a0a5e link, just re-pus ...
Continue ReadingNovember 16, 2024
GLPI is a free asset and IT management software package. Starting in 9.2.0 and prior to 11.0.0, it is possible to download a document from the API without appropriate rights. Upgrade to...Read More ...
Continue ReadingNovember 15, 2024
Back to Main