API - API Security Blog

CVE-2022-2469

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API clientRead More ...

July 19, 2022

CVE-2022-29060

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

July 19, 2022

Multiple Imperva Products Earn 2022 Fortress Cyber Security Awards

In June, the Business Intelligence Group [announced]() that three Imperva products have earned the 2022 Fortress Cyber Security Awards. The mission of this prestigious award program is to identify and ...

July 19, 2022

MiCODUS MV720 GPS tracker

## 1. EXECUTIVE SUMMARY * **CVSS v3 9.8** * **ATTENTION:** Exploitable remotely/low attack complexity * **Vendor:** MiCODUS * **Equipment:** MV720 GPS tracker * **Vulnerabilities:** Use of H ...

July 19, 2022

[Bypass] Cross-site Scriptin (XSS) via file upload

# ?? Requirements Privileges: User. # ? Description I found a bypass to [this report](https://huntr.dev/bounties/b15b3291-d56e-4228-8f3c-b692cc27568c/) by uploading the file with `"public": true,` par ...

July 18, 2022

CVE-2022-2117

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

July 18, 2022

Koh – The Token Stealer

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtQ6Q6yDjiHCN4i8JYdWBFX0DMkTY5PATsfUVLc6pK4vc6DkK1jYJRd78PN1TlAqogY-wmVsqG-hI4OidxJ9wMwKjKxMttgip_LYRNzaGhtg0Xi0yDcOp1iYo8jBlsNuZ03VZkri ...

July 18, 2022

Deploy tCell More Easily With the New AWS AMI Agent

![Deploy tCell More Easily With the New AWS AMI Agent](https://blog.rapid7.com/content/images/2022/07/aws-ami.jpg) Rapid7's [tCell]() is a powerful tool that allows you to monitor risk and protect web ...

July 18, 2022