CVE-2022-38152

An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in ...

Exploit for Path Traversal in Secureauth Impacket

Impacket ...


CVSS3 - CRITICAL

CVSS2 - HIGH

CVE-2022-36600

BlogEngine v3.3.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /blogengine/api/posts. This vulnerability allows attackers to execute arbitrary web scripts or ...

When disclosure goes wrong. People

![](https://www.pentestpartners.com/content/uploads/2020/08/disclosurepeople-headline.png) My experience of vulnerability disclosure is that it is rarely as easy or simple as it could be. I had hoped ...

Exploit for Code Injection in Combodo Itop

# iTop RCE via SSTI - CVE-2022-24780 exploit

> iTop ...


CVSS3 - HIGH

CVSS2 - MEDIUM

CVE-2022-38152

An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in ...

JVN#76024879: PowerCMS XMLRPC API vulnerable to command injection

PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability (CWE-74). Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Per ...

elrond-go MultiESDTNFTTransfer call on a SC address with missing function name

### Impact

Anyone who uses elrond-go to process blocks (historical or actual) that contain a transaction like this: `MultiESDTNFTTransfer@01@54444558544b4b5955532d323631626138@00@0793afc18c8da2ca@` ( ...
