How Scanning Your Projects for Security Issues Can Lead to Remote Code Execution

The Imperva Red Team recently discovered and disclosed CVE-2022-40764, a command injection vulnerability affecting Snyk CLI. Snyk is a security company best known for its dependency vulnerability mana ...

Continue Reading

September 29, 2022

CVE-2020-15342

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.Read More ...

Continue Reading

September 28, 2022

CVE-2020-15341

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.Read More ...

Continue Reading

September 28, 2022

CVE-2020-15343

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.Read More ...

Continue Reading

September 28, 2022

CVE-2020-15344

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_user_id_and_key API.Read More ...

Continue Reading

September 28, 2022

CVE-2020-15345

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_instances_for_update API.Read More ...

Continue Reading

September 28, 2022

CVE-2020-15346

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.Read More ...

Continue Reading

September 28, 2022

Information Disclosure

Rancher is vulnerable to information disclosure. Confidential information such as passwords and API keys are stored in kubernetes objects using plaintext which allows an attacker with read permission ...

Continue Reading

September 28, 2022

CVSS3 - MEDIUM

1 9,130 9,131 9,132 9,133 9,134 9,321

Back to Main
Subscribe for the latest news: