Strapi is vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization of the attributes within admin API responses allowing an attacker to exploit the vulnerability us ...
September 28, 2022
This is the LibOFX library. It is an API designed to allow applications to very easily support OFX command responses, usually provided by financial institutions. See https://www.ofx.net/ofx/default.as ...
September 28, 2022
Researchers at Cluster25 have published research about exploit code that's triggered when a user moves their mouse over a link in a booby-trapped PowerPoint presentation. The code starts a PowerSh ...
September 28, 2022
NIOHTTP1 and projects using it for generating HTTP responses can be subject to an HTTP Response Injection attack. This occurs when an HTTP/1.1 server accepts user generated input from an incoming reques ...
September 28, 2022
Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit ...
September 28, 2022
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
September 28, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to ins ...
September 28, 2022
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3, missing authentication allows for full access via API.
September 28, 2022