CVE-2022-45933

KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for ...

Host Header Injection

microweber/microweber is vulnerable to host header injection. An attacker is able to reset the password and take over a user account via password reset poisoning through a host header injection attac ...

SUSE SLES15 Security Update : tomcat (SUSE-SU-2022:4221-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4221-1 advisory. - The simplified implementation of blocking ...

Denial Of Service (DoS)

rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the `C API` component, allowing an attacker to cause an application crash through multiple protocols ...


CVSS3 - MEDIUM

Metasploit Weekly Wrap-Up

F5 Big-IP: This week’s Metasploit release contains 2 new modules released as part of the ...

D-Link DIR-823G OS Command Injection Vulnerability (CNVD-2022-81490)

D-Link DIR-823G is a wireless router from D-Link, a Chinese company. A security vulnerability exists in D-Link DIR-823G firmware version 1.02B03, which stems from its HNAP API function allowing an att ...


CVSS3 - CRITICAL

SUSE SLES12 Security Update : tomcat (SUSE-SU-2022:4193-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4193-1 advisory. - If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0. ...

Oracle Linux 9 : python3.9 (ELSA-2022-8493)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8493 advisory. - Python 3.9.x and 3.10.x through 3.10.8 on Linux allows loca ...
