CVE-2022-31168

Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administra ...

OctoBot WebInterface 0.4.3 Remote Code Execution

Johnson Controls Metasys ADS, ADX, OAS

## 1. EXECUTIVE SUMMARY

* **CVSS v3 5.3**
* **ATTENTION:** Exploitable remotely/low attack complexity
* **Vendor:** Johnson Controls, Inc
* **Equipment:** Metasys ADS, ADX, OAS with MUI
* ** ...

CVE-2022-30628

It was possible to download all receipts without authentication. You must first access the API https://XXXX.supersmart.me/services/v4/customer/signin to get a TOKEN. You can then access the API that ...

OctoBot WebInterface 0.4.3 – Remote Code Execution Exploit

Bots Hide Behind User Privacy – Should You Be Concerned?

Bot operators are perpetually devising innovative techniques to sneak past security as they go about their dubious, often downright illegal business. Emulating human behavior and traffic patterns are ...

Drupal 7.x < 7.91 / 9.3.x < 9.3.19 / 9.4.x < 9.4.3 Multiple Vulnerabilities (drupal-2022-07-20)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.91, 9.3.x prior to 9.3.19, or 9.4.x prior to 9.4.3. It is, therefore, affected by mult ...

OctoBot WebInterface 0.4.3 – Remote Code Execution (RCE)
