**Issue Overview:** XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forge ...
Continue Reading
June 13, 2023
Please note this advisory is for a historical preexisting issue in the legacy server from 2018. It has long since been triaged. It is being moved here for visibility. The text below is copied from the ...
Continue Reading
June 12, 2023
## Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867) ## Vulnerability Deta ...
Continue Reading
June 12, 2023
## Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867) ## Vulnerability De ...
Continue Reading
June 12, 2023
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API. Security Fix(es): * c-ares: 0-byte UDP payload Denial of Service (CVE-2023-32067) For more ...
Continue Reading
June 12, 2023
[]() The threat actor known as **Asylum Ambuscade** has been obse ...
Continue Reading
June 09, 2023
**Issue Overview:** An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server c ...
Continue Reading
June 08, 2023
## Summary There is a vulnerability in GraphQL used by IBM Maximo Asset Management. ## Vulnerability Details **CVEID: **[CVE-2022-37734]() **DESCRIPTION: **GraphQL Java is vulnerable to a denial of se ...
Continue Reading
June 08, 2023
Back to Main
