Improper Authorization

modoboa is vulnerable to Improper Authorization. The vulnerability exists due to missing authorization checks on the `/api/v2/parameters/core/` API endpoint which allows an attacker to gain sensitive ...

CVSS3 - CRITICAL

Command injection in OpenTSDB

Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host ...

CVSS3 - CRITICAL

CVSS2 - HIGH

Amazon Linux AMI : tomcat7 (ALAS-2023-1738)

The version of tomcat7 installed on the remote host is prior to 7.0.109-1.42. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1738 advisory. - Apache Commons Fi ...

CVSS3 - HIGH

CVE-2017-20184

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Carlo Gavazzi Powersoft up to version 2.1.1.1 allows an unauthenticated, remote attacker to download any ...

CVSS3 - HIGH

Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2023-176)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-176 advisory. - The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back- ...

CVSS3 - HIGH

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2023-165)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-165 advisory. - Envoy is an open source edge and service proxy designed for cloud-native applications. Prior ...

CVSS3 - CRITICAL
