Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorr ...
Continue Reading
May 20, 2022
Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide cryptographically secure random numbers. ...
Continue Reading
May 20, 2022
Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Server(s)'' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the webpage to use 'NodeJs' features, an ...
Continue Reading
May 20, 2022
An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for other admin panel users that have a relationship (e.g., cr ...
Continue Reading
May 19, 2022
An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for API users if content types accessible to the authenticated ...
Continue Reading
May 19, 2022
In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. ...
Continue Reading
May 19, 2022
XML External Entity (XXE) vulnerability in the file based service provider creation feature of the Management Console in WSO2 API Manager 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; and WSO2 IS as Key Mana ...
Continue Reading
May 19, 2022
In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attr ...
Continue Reading
May 19, 2022
Back to Main
