CVE-2022-2406

The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing lar ...

Siemens SIMATIC MV500 Devices

## 1. EXECUTIVE SUMMARY

* **CVSS v3 8.0**
* **ATTENTION:** Exploitable remotely/low attack complexity
* **Vendor:** Siemens
* **Equipment:** SIMATIC MV500 Devices
* **Vulnerabilities:** Insu ...

Siemens Industrial Products with OPC UA (Update A)

## 1. EXECUTIVE SUMMARY

* **CVSS v3 6.5**
* **ATTENTION:** Exploitable remotely/low attack complexity
* **Vendor:** Siemens
* **Equipment:** SIMATIC NET PC, SITOP Manager, TeleControl Server B ...

Trufflehog – Find Credentials All Over The Place

Sourcegraph gitserver sshCommand Remote Command Execution Exploit

A vulnerability exists within Sourcegraph's gitserver component that allows a remote attacker to execute arbitrary OS commands by modifying the core.sshCommand value within the git configuration. This ...

Open-Source API Firewall Unveils New Feature: Default Deny Lists for Compromised API Tokens and Cookies

Discovering and securing any API is one of the most difficult challenges for developers. The API security landscape is constantly evolving, with new threats and vulnerabilities emerging at a rapid ...

[SECURITY] Fedora 36 Update: golang-github-mbndr-figlet4go-0-0.8.20191009gitd6cef5b.fc36

figlet4go is a Go library which is a port of FIGlet to Golang. With figlet4go it's easy to create ASCII text banners in the command-line or with the given API.

GitLab 8.13 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 Improper Access

According to its self-reported version, the instance of GitLab running on the remote web server is 8.13 prior to 14.10.5, 15.0 prior to 15.0.4, or 15.1 prior to 15.1.1. It is, therefore, affected by a ...
