An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to s ...
Continue Reading
September 26, 2024
IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication...Read More ...
Continue Reading
September 25, 2024
IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication...Read More ...
Continue Reading
September 24, 2024
IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication...Read More ...
Continue Reading
September 24, 2024
IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication...Read More ...
Continue Reading
September 24, 2024
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXview One, MXview One Central Manager Series Vulnerabilities: Cleartext Stora ...
Continue Reading
September 24, 2024
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Moxa Equipment: MXview One, MXview One Central Manager Series Vulnerabilities: Cleartext Stora ...
Continue Reading
September 24, 2024
Impact An attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. request message: ``` POST /de2api/datasource/validate HTTP/1.1 Host: dataeas ...
Continue Reading
September 24, 2024
Back to Main
