## Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Netcool Configuration Manager IP Edition v6.4.2. ## Vulnerability Details ** CVEI ...
January 16, 2023
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship ...
January 16, 2023
_New Advisory Board Members Bring Extensive Experience to Assist Organizations Needing to Enhance and Accelerate their API Security Posture_ January 12, 2023 02:30 PM Eastern Standard Time SAN FRANCIS ...
January 15, 2023
Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the ...
January 15, 2023
Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
January 14, 2023
An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.50, due to improper access control, can attach to an open interface and make use of an open naming and directory API to access serv ...
January 14, 2023
# Description `PUT /api/v1/users/{id}` API doesn't properly check the authorization. # Proof of Concept 1. [admin] Enable user registration functionality. 2. [user] Register new user and login as them. ...
January 14, 2023
github.com/kubeoperator/kubepi is vulnerable to authentication bypass. The vulnerability exists due to the use of hard coded Jwtsigkeys which allows an attacker to read the values and use them to ...
January 14, 2023