CVE-2022-32290

The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional ...

CVE-2021-46687

JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactor ...

CVE-2021-45721

JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of the XHR parameters in Users REST API endpoint. This issue affects: JFrog JFro ...

The End of False Positives for Web and API Security Scanning?

Documents in trash accessible by Viewer role

# Description Once a document is archived or deleted, there is no way to access it through the UI or the Document link. But, the API gives the file information and content. This is same with archived ...

Cspparse – A Tool To Evaluate Content Security Policies

CVE-2022-30290

In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their reg ...

SUSE SLES15 Security Update : salt (SUSE-SU-2022:2253-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2253-1 advisory. - An issue was discovered in SaltStack Salt in versi ...
