Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to loss of confidentiality due to CVE-2022-35948 and CVE-2022-35949

## Summary Node.js module undici is used by IBM App Connect Enterprise Certified Container when testing API endpoints. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that us ...

Continue Reading

CVSS3 - CRITICAL

CVE-2022-35174

A stored cross-site scripting (XSS) vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field.Read More ...

Continue Reading

CVSS3 - MEDIUM

CVE-2022-37061

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited to inject and execute arbitrary shell commands as the root use ...

Continue Reading

CVSS3 - CRITICAL

CVE-2022-35175

Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /blotter/blotter.php.Read More ...

Continue Reading

CVSS3 - CRITICAL

CVE-2022-37062

All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are affected by an insecure design vulnerability due to an improper directory access restriction. An unauthenticated, remote att ...

Continue Reading

CVSS3 - HIGH

CVE-2022-37063

All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting (XSS) due to improper input sanitization. An authenticated remote attacker can execute a ...

Continue Reading

CVSS3 - MEDIUM

Nodejs ‘undici’ Vulnerable to CRLF Injection via Content-Type

### Impact `=Read More ...

Continue Reading

CVSS3 - CRITICAL

Cockpit Content Platform vulnerable to 2FA bypass

Cockpit Content Platform through version 2.2.1 is vulnerable to a two-factor authentication (2FA) bypass. The 2FA secret is disclosed in a JWT token after user logs into their account, allowing an att ...

Continue Reading

CVSS3 - HIGH

Back to Main

Subscribe for the latest news:
Generated by Feedzy