### Impact

An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauthsigninprovider) that contains some malicious HTML, tri ...

July 06, 2022
### Impact

**Versions impacted**

* `=` [email protected]
* `>=` [email protected]

**Description of user-facing changes**

***[email protected]*** imposes a fixed maximum header length and section length of 32 ...

July 06, 2022
A vulnerability in the database user privileges of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unifie ...
July 06, 2022
 This Q2 2022 recap post takes a look at some of the latest investments we've made ...
July 06, 2022
# Description

In the `file-manager/list` API, the server does not handle the `path` parameter properly, which allows listing any directory. To exploit, use double URL encoding to bypass filter.

# Proof of ...

July 06, 2022
Improper access control in the runner jobs API in GitLab CE/EE affecting all versions prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows a previous maintainer of a project with a ...
July 06, 2022
Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwr ...
July 06, 2022
Editable SQL queries behind Base64 encoding are sent from the client side to the server side for a particular API used in the legacy Work Center module. The attack is available for any authenticated user, i ...

July 06, 2022