Blogifier v3.0 was discovered to contain an arbitrary file upload vulnerability at /api/storage/upload/PostImage. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a cra ...

Continue Reading

July 20, 2022

The MiCODUS MV720 GPS tracker API server has an authentication mechanism that allows devices to use a hard-coded master password. This may allow an attacker to send SMS commands directly to the GPS tr ...

Continue Reading

July 20, 2022

Anchore Enterprise anchorectl version 0.1.4 improperly stored credentials when generating a Software Bill of Materials. anchorectl will add the credentials used to access Anchore Enterprise API in the ...

Continue Reading

July 20, 2022

Today, many enterprise organizations are multicloud and multiplatform. Critical enterprise data is located across clouds and platforms, requiring security and compliance no matter where it lives. To s ...

Continue Reading

July 20, 2022

Today, many enterprise organizations are multicloud and multiplatform. Critical enterprise data is located across clouds and platforms, requiring security and compliance no matter where it lives. To s ...

Continue Reading

July 20, 2022

[![Unpatched GPS Tracker](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiDDmvHrFQPCSS68XdSpaRz5Lcgfb9qfBWnyANwheuwTnZ4Yu8y7rXbHtx2RsuFqUo-e0FycWG1e5nteCm-7pqpxN5W3p10VwbDCQZTbvYAOxvWgcYeTp ...

Continue Reading

July 20, 2022

Sensitive Information Disclosure via REST API vulnerability discovered by Raad Haddad in WordPress Easy Student Results plugin (versions Read More ...

Continue Reading

July 19, 2022

Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call.Read More ...

Continue Reading

July 19, 2022