CVE-2022-41040

Microsoft Exchange Server Elevation of Privilege Vulnerability.Read More ...

Continue Reading

CVSS3 - HIGH

[SECURITY] Fedora 36 Update: knot-resolver-5.5.3-1.fc36

The Knot Resolver is a DNSSEC-enabled caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core t ...

Continue Reading

CVSS3 - HIGH

[SECURITY] Fedora 35 Update: knot-resolver-5.5.3-1.fc35

The Knot Resolver is a DNSSEC-enabled caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core t ...

Continue Reading

CVSS3 - HIGH

Privilege Escalation

github.com/bytebase/bytebase is vulnerable to privilege escalation. The vulnerability exists due to a lack of verification and validation of users allowing an attacker to access admin 'projects' at en ...

Continue Reading

CVSS3 - MEDIUM

Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

## Summary A vulnerability in Apache Tomcat affects the product's management GUI. The Command Line Interface is unaffected. ## Vulnerability Details **CVEID: **[CVE-2022-25762]() **DESCRIPTION: **Apac ...

Continue Reading

CVSS3 - HIGH

CVSS2 - HIGH

Atlassian Bitbucket Server and Data Center Command Injection Vulnerability

Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions ...

Continue Reading

CVSS3 - HIGH

Zammad Access Control Error Vulnerability (CNVD-2022-66765)

Zammad is a suite of ticket management software from Zammad Germany. version 5.2.1 of Zammad contains an access control error vulnerability, which stems from the existence of faulty access control in ...

Continue Reading

CVSS3 - MEDIUM

Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation

TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client lea ...

Continue Reading

CVSS3 - MEDIUM

Back to Main

Subscribe for the latest news:
Generated by Feedzy