FreeBSD : Gitlab — Multiple vulnerabilities (04422df1-40d8-11ed-9be7-454b1dd82c64)

The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 04422df1-40d8-11ed-9be7-454b1dd82c64 advisor ...

Gitlab — Multiple vulnerabilities

Gitlab reports: Denial of Service via cloning an issue; Arbitrary PUT request as victim user through Sentry error list; Content injection via External Status Checks; Project maintainers can access Datado ...

isolated-vm has vulnerable CachedDataOptions in API

Impact: If untrusted V8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the Node.js process. There are currently no kno ...

CVE-2022-20851

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Atlassian Bitbucket Server and Data Center Command Injection Vulnerability

Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions ...

CVSS3 - HIGH

Drawing a star with DOMMatrix

I recently recorded an episode of HTTP 203 on `DOMPoint` and `DOMMatrix`. If you'd rather watch the video version, [here it is](), but come back here for some bonus details on a silly mistake I made, ...

Zammad Access Control Error Vulnerability (CNVD-2022-66765)

Zammad is a suite of ticket management software from Zammad Germany. Version 5.2.1 of Zammad contains an access control error vulnerability, which stems from the existence of faulty access control in ...

CVSS3 - MEDIUM

Strapi mishandles hidden attributes within admin API responses

Strapi before 3.6.10 and 4.x before 4.1.10 mishandles hidden attributes within admin API responses.
