### API security — Wiki: What is ❓ Why ❓ For PenTest & Best Practice **What does api mean?** For beginners, API refers to the Application Programming Interface designed for effortless commun ...
Continue ReadingJune 23, 2022
Apache Dubbo prior to 2.6.9 and 2.7.10 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the ser ...
Continue ReadingJune 23, 2022
An update that fixes two vulnerabilities is now available. Description: This update for trivy fixes the following issues: trivy was updated to version 0.28.0 (boo#1199760, CVE-2022-28946): * ...
Continue ReadingJune 21, 2022
QRadar Community Edition version 7.3.1.6 has an issue where the RssFeedItem class of the QRadar web application is used to fetch and parse RSS feeds. No validation is performed on the user-supplied RS ...
Continue ReadingMay 30, 2022
Post ContentRead More ...
Continue ReadingMay 30, 2022
SALTO ProAccess SPACE versions 5.5 and below suffer from path traversal, arbitrary file write, persistent cross site scripting, privilege escalation, and clear text transmission of sensitive data vuln ...
Continue ReadingMay 30, 2022
Post ContentRead More ...
Continue ReadingMay 30, 2022
## Summary Credentials for a custom node are stored in plain text inside Local Storage on the user's machine. If this node is configured in a certain way this could lead to the theft of any funds in a ...
Continue ReadingMay 30, 2022
Back to Main