CVE-2023-38419

An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.  Note: Software versions which have reached End of Tec ...

Continue Reading

August 02, 2023

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-34960

A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.Read ...

Continue Reading

August 01, 2023

Insufficient Random Numbers

PHP is vulnerable to Insufficient Random Numbers. The vulnerability is due to the SOAP HTTP Digest authentication using uninitialized memory as the nonce from the client which gets sent to the server, ...

Continue Reading

July 27, 2023

RWS WorldServer 11.7.3 – Session Token Enumeration

Post ContentRead More ...

Continue Reading

July 24, 2023

CVE-2023-3247

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Continue Reading

July 22, 2023

CVE-2023-3247

In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower rang ...

Continue Reading

July 22, 2023

RWS WorldServer 11.7.3 – Session Token Enumeration

Post ContentRead More ...

Continue Reading

July 21, 2023

Updated php packages fix security vulnerability

Fixed SOAP bug GHSA-76gg-c692-v2mw (Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP). (CVE-2023-3247)Read More ...

Continue Reading

July 19, 2023

1 240 241 242 243 244 274

Back to Main
Subscribe for the latest news: