The version of Microsoft Edge installed on the remote Windows host is prior to 103.0.1264.71. It is, therefore, affected by multiple vulnerabilities as referenced in the July 22, 2022 advisory. - : ...
Continue Reading
July 23, 2022
Django REST framework (aka django-rest-framework) before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping.Read More ...
Continue Reading
July 22, 2022
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dsa-5186 advisory. - A flaw was found in Django REST Framework versions before 3.12.0 and b ...
Continue Reading
July 22, 2022
An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator.Read More ...
Continue Reading
July 22, 2022
An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin.Read More ...
Continue Reading
July 22, 2022
An update that fixes one vulnerability is now available. Description: This update for python-M2Crypto fixes the following issues: - CVE-2020-25657: Fixed Bleichenbacher timing attacks in the RSA ...
Continue Reading
July 22, 2022
 The shift towards cloud and [cloud-native application architectures]() represe ...
Continue Reading
July 22, 2022
Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administra ...
Continue Reading
July 22, 2022
Back to Main
