This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged code on the targe ...
Continue ReadingMay 30, 2022
(This advisory is canonically ) ## Problem Description The NATS server provides for Subjects which are namespaced by Account; all Subjects are supposed to be private to an account, with an Export/Impo ...
Continue ReadingMay 30, 2022
## Problem Description The NATS account system has an Operator trusted by the servers, which signs Accounts, and each Account can then create and sign Users within their account. The Operator should ...
Continue ReadingMay 30, 2022
## Problem Description NATS nats-server through 2020-10-07 has Incorrect Access Control because of how expired credentials are handled. The NATS accounts system has expiration timestamps on credential ...
Continue ReadingMay 30, 2022
### Impact Several vulnerabilities have been reported in the `time` and `chrono` crates related to handling of calls to `localtime_r`. You can follow some of the discussions [here](https://github.com/ ...
Continue ReadingMay 30, 2022
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers ...
Continue ReadingMay 30, 2022
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers ...
Continue ReadingMay 30, 2022
A [server-side request forgery (SSRF) flaw]() in an API of a large financial technology (fintech) platform potentially could have compromised millions of bank customers, allowing attackers to defraud ...
Continue ReadingMay 30, 2022
Back to Main