Quest NetVault Backup NVBUJobCountHistory SQL Injection (CVE-2017-17420)

An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. The vulnerability is due to improper validation of user-supplied input on JSON-RPC requests invoki ...

CVSS3 - CRITICAL

CVSS2 - HIGH

Security Bulletin: For IBM Cloudpak for Watson AIOPS 3.5.1

## Summary This SB contains a list for all CVE's listed here - CVE-2022-36083, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21797, CVE-2022-35941, CVE-2021-42248, CVE-2021-42836, CVE-2022- ...

CVSS3 - CRITICAL

CVSS2 - MEDIUM

8 KB is not enough: why WAFs can’t protect APIs

WAFs were a top-notch security instrument a decade ago, but now they are not. They fail to protect APIs. Meanwhile, the number of API-specific vulnerabilities grew more than twofold in 2022. According ...

Reddit: Unrestricted File Upload on reddit.secure.force.com

## Summary: Reddit.secure.force.com is Reddit SalesForce instance. Attacker is able to send attachments of disallowed filetypes to this server. The attacker is able to send malicious documents such as ...

CVSS3 - HIGH

CVSS2 - HIGH

Monero: monerod JSON RPC server remote DoS

Monero daemon (monerod) does not limit Content-length variable when processing incoming HTTP requests. We can force monerod to allocate arbitrary amount of memory. How to reproduce: 1) compile monero ...

Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks

Microsoft has observed the Sliver command-and-control (C2) framework now being adopted and integrated in intrusion campaigns by nation-state threat actors, cybercrime groups directly supporting [r ...

Security update for trivy (moderate)

An update that fixes three vulnerabilities is now available. Description: This update for trivy fixes the following issues: Update to version 0.30.4: * fix: remove the first arg when running ...

CVSS3 - CRITICAL

CVSS2 - MEDIUM
