CDI < 5.1.9 – Reflected Cross-Site-Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cros ...

Continue Reading
CDI < 5.1.9 – Reflected Cross-Site-Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cros ...

Continue Reading
PHP vulnerabilities

USN-5479-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Charles Fol discovered that PHP incorrectly handled initializin ...

Continue Reading
Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities

## Summary Security vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 FP5. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.2.2. The following 3rd ...

Continue Reading
CVE-2022-29474

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a director ...

Continue Reading
ECP SAML binding bypasses authentication flows

### Description A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentic ...

Continue Reading
CVE-2022-1026: Kyocera Net View Address Book Exposure

![CVE-2022-1026: Kyocera Net View Address Book Exposure](https://blog.rapid7.com/content/images/2022/03/kyocera-vuln.jpg) Rapid7 researcher Aaron Herndon has discovered that several models of Kyocera ...

Continue Reading
PHP vulnerabilities

Charles Fol discovered that PHP incorrectly handled initializing certain arrays when handling the pg_query_params function. A remote attacker could use this issue to cause PHP to crash, resulting in a ...

Continue Reading

Back to Main

Subscribe for the latest news: