Important: tomcat

**Issue Overview:** A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker without access to the Tomcat process or configuration files cou ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

RHEL 8 : edk2 (RHSA-2023:2932)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2932 advisory. - A timing based side channel exists in t ...

Continue Reading

CVSS3 - HIGH

Security Bulletin: IBM Security Verify Information Queue has multiple third-party library vulnerabilities

## Summary IBM Security Verify Information Queue (ISIQ) v10.0.5 has remediated vulnerabilities in the third-party libraries that it uses. ## Vulnerability Details ** CVEID: **[CVE-2022-41946]() ** DES ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

Ubuntu 18.04 ESM : Synapse vulnerabilities (USN-6076-1)

The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6076-1 advisory. - Matrix Synapse before 0.28.1 is prone to a denial of ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - HIGH

Oracle Linux 9 : edk2 (ELSA-2023-2165)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2165 advisory. - Existing CommBuffer checks in SmmEntryPoint will n ...

Continue Reading

CVSS3 - CRITICAL

CVSS2 - HIGH

Oracle Linux 9 : fence-agents (ELSA-2023-2161)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2161 advisory. - OAuthLib is an implementation of the OAuth request-signing ...

Continue Reading

CVSS3 - MEDIUM

ChatGPT: Friend or Foe? | API Security Newsletter

Welcome to our April API newsletter, recapping some of the events of last month. This month’s topic is Generative AI tools (e.g., ChatGPT) in cybersecurity. It – along with API Security †...

Continue Reading

CVSS3 - CRITICAL

ChatGPT: Friend or Foe? | API Security Newsletter

Welcome to our April API newsletter, recapping some of the events of last month. This month’s topic is Generative AI tools (e.g., ChatGPT) in cybersecurity. It – along with API Security †...

Continue Reading

CVSS3 - CRITICAL

Back to Main

Subscribe for the latest news: