Improper Limitation of a Pathname to a Restricted Directory in Jenkins Google OAuth Credentials Plugin

An arbitrary file read vulnerability in Jenkins Google OAuth Credentials Plugin 0.9 and earlier allowed attackers able to configure jobs and credentials in Jenkins to obtain the contents of any file o ...

Continue Reading

June 28, 2022

(RHSA-2022:5338) Moderate: ruby:2.6 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a la ...

Continue Reading

June 28, 2022

WSO2 Management Console Cross Site Scripting

Post ContentRead More ...

Continue Reading

June 27, 2022

WSO2 Management Console (Multiple Products) – Unauthenticated Reflected XSS Exploit

Post ContentRead More ...

Continue Reading

June 27, 2022

WSO2 Management Console (Multiple Products) – Unauthenticated Reflected Cross-Site Scripting (XSS)

Post ContentRead More ...

Continue Reading

June 27, 2022

(RHSA-2022:5188) Important: RHACS 3.69 security update

Release of RHACS 3.69.2 Security Fix(es): * stackrox: Improper sanitization allows users to retrieve Notifier secrets from GraphQL API in plaintext (CVE-2022-1902)Read More ...

Continue Reading

June 24, 2022

CVE-2022-32143

In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller on ...

Continue Reading

June 24, 2022

CVE-2022-32141

Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a den ...

Continue Reading

June 24, 2022

1 376 377 378 379 380 427

Back to Main
Subscribe for the latest news: