Summary IBM Security QRadar EDR Software includes vulnerable components (e.g., framework libraries) that could be identified and exploited with automated tools. These have been addressed in the update ...
Continue Reading
June 11, 2025
The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated remote attacker can generate and use a verifiable JWT token to access protected ArchiverSpaApi URL...Read ...
Continue Reading
June 11, 2025
Red Hat OpenShift Container Platform release 4.17.33 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Ha ...
Continue Reading
June 11, 2025
Summary An authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location fie ...
Continue Reading
June 11, 2025
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.10, secret verification does not take effect successfully, so a user can use any secret to forge a J ...
Continue Reading
June 11, 2025
A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. This vulnerability affects the function JwtUtil of the component JWT Handler. The manipulation leads to use of hard- ...
Continue Reading
June 11, 2025
The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated remote attacker can generate and use a verifiable JWT token to access protected ArchiverSpaApi URL...Read ...
Continue Reading
June 10, 2025
The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated remote attacker can generate and use a verifiable JWT token to access protected ArchiverSpaApi URL...Read ...
Continue Reading
June 10, 2025
Back to Main
