Dolibarr vulnerable to privilege escalation

Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API.

CVSS3 - CRITICAL

Security Bulletin: IBM DataPower Gateway potentially vulnerable to HTTP request smuggling

## Summary

These flaws have the potential to affect the API Gateway Service. IBM has addressed the CVEs.

## Vulnerability Details

**CVEID:** CVE-2022-32213
**DESCRIPTION:** Node.js is vulnerable ...

CVSS3 - CRITICAL

CVE-2022-3589

An API Endpoint used by Miele's "AppWash" MobileApp in all versions was vulnerable to an authorization bypass. A low privileged, remote attacker would have been able to gain read and partial write acc ...

CVSS3 - HIGH

Apache SOAP authentication error vulnerability

Apache SOAP is used as a client-side library by the Apache Foundation to invoke SOAP services available elsewhere, and as a server-side tool to implement SOAP-accessible services. An authentication er ...

CVSS3 - CRITICAL

Atlassian Releases Patches for Critical Flaws Affecting Crowd and Bitbucket Products

CVSS3 - CRITICAL

Privilege Escalation

dolibarr/dolibarr is vulnerable to privilege escalation. The vulnerability exists due to improper authorization checks in the library, allowing an attacker to escalate privileges via crafted API call, ...

CVSS3 - CRITICAL

Apache SOAP contains unauthenticated RPCRouterServlet

** UNSUPPORTED WHEN ASSIGNED ** In the default configuration of Apache SOAP, an RPCRouterServlet is available without authentication. This gives an attacker the possibility to invoke methods on the cl ...

CVSS3 - CRITICAL
