API interfaces with unauthorized access will leak sensitive information via `/api/v1/clusters/kubeconfig/`Read More ...

Continue Reading

January 10, 2023

[![](https://blogger.googleusercontent.com/img/a/AVvXsEj9ch1Xk546qGiXYEa6ucuy-p9RP4Rn22Wx1FSGEJvfr79uvvuhDvKvQ8XHa871E4D5zfoQhU05gqNVZXat1FF5JCOLz3NX6T_JDhVwJsXwCFyc5PFJptuPtvGIk41nQTflOHjxLj0Wvr68N1n ...

Continue Reading

January 10, 2023

api/views/user.py in LibrePhotos before e19e539 has incorrect access control.Read More ...

Continue Reading

January 10, 2023

Hi, Spring fans! As I write this I'm on a plane winging my way to Helsinki, Finland. A new year and new journeys begin. It's going to be cold there. Wish me luck! Do you know what always warms me up? ...

Continue Reading

January 10, 2023

An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.50, due to improper access control, can attach to an open interface and make use of an open naming and directory API to access serv ...

Continue Reading

January 10, 2023

By [Habiba Rashid]() The impacted automotive giants include BMW, Toyota, Ford, Honda, Mercedes-Benz and many more. This is a post from HackRead.com Read the original post: [Automotive Industry Exposed ...

Continue Reading

January 10, 2023

The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the `oauth2` REST API is vulnerable to Reflected Cross-Site Scripting (XSS). T ...

Continue Reading

January 10, 2023

### Impact Due to a vulnerability in `jackson-databind Read More ...

Continue Reading

January 10, 2023