The Birthday attack against 64-bit block ciphers (CVE-2016-2183) was reported for the health checks port (9979) on the etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the et ...
January 16, 2023
## Summary

Security vulnerabilities have been addressed in IBM Common Licensing. Faster-XML Jackson is a JSON to Java object conversion API (217968, CVE-2020-36518). A fix is available to address the v ...
January 04, 2023
github.com/usememos/memos is vulnerable to improper authentication. The vulnerability allows a remote attacker to use the `Reset` API on any user without consent via IDOR.
January 04, 2023
## Summary

IBM Sterling B2B Integrator has addressed the CKEditor security vulnerabilities in B2B API.

## Vulnerability Details

**CVEID:** CVE-2021-32808
**DESCRIPTION:** CKEditor is vulnerable ...
January 03, 2023
aEnrich a+HRD has insufficient user input validation for a specific API parameter. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify an ...
January 03, 2023
aEnrich a+HRD has improper validation for the login function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access API function to perform arbitrary system ...
January 03, 2023
The Administrator function of EasyTest has an Incorrect Authorization vulnerability. A remote attacker authenticated as a general user can exploit this vulnerability to bypass the intended access rest ...
January 03, 2023
Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execu ...
January 03, 2023