Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the `Cookie.parse` function and other aspects of the API, which use an insecure regula ...
January 23, 2023
# CVE-2022-36804: Pre-Auth RCE in Atlassian Bitbucket Server A c...
January 23, 2023
An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file.
January 23, 2023
apache_superset is vulnerable to Improper Access Control. The vulnerability exists in `api.py` due to explicitly enabling the `DASHBOARD_CACHE` feature which allows an unauthenticated user to access d ...
January 21, 2023
protobuf is vulnerable to Denial Of Service (DoS). The vulnerability is due to multiple instances of non-repeated embedded message inputs with repeated or unknown fields which cause the objects to be ...
January 21, 2023
Today, Talos is publishing a glimpse into the most prevalent threats we' ...
January 21, 2023
A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF (`\r\n`) injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF ...
January 21, 2023