SmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary cod ...
Continue Reading
July 10, 2023
## Summary Vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty when the feature mpGraphQL-1.0 or mpGraphQL-2.0 is enabled. Following IBM® Engineering Lifecycl ...
Continue Reading
July 10, 2023
# CVE-2023-34362 POC for CVE-2023-34362 affecting MOVEit Transfe...Read More ...
Continue Reading
July 09, 2023
A potential Cross Site Scripting (XSS) vulnerablity ([CVE-2022-36180](https://security-tracker.debian.org/tracker/CVE-2022-36180)) and session handling vulnerability ([CVE-2022-36179](https://security ...
Continue Reading
July 08, 2023
A vulnerability has been found in phpCAS, a Central Authentication Service client library in php, which may allow an attacker to gain access to a victim's account on a vulnerable CASified service with ...
Continue Reading
July 08, 2023
The source package ocsinventory-server has been updated to address the API change in php-cas due to [CVE-2022-39369](https://security-tracker.debian.org/tracker/CVE-2022-39369), see DLA 3485-1 for det ...
Continue Reading
July 08, 2023
ruby [2.7.8-139] - Upgrade to Ruby 2.7.8. Resolves: rhbz#2149262 - Fix HTTP response splitting in CGI. Resolves: CVE-2021-33621 - Fix ReDoS vulnerability in URI. Resolves: CVE-2023-28755 - Fix R ...
Continue Reading
July 08, 2023
grpc is vulnerable to Connection Confusion. The vulnerability exists when the gRPC HTTP2 stack raised a header size exceeded error, and it skipped parsing the rest of the HPACK frame, which caused any ...
Continue Reading
July 08, 2023
Back to Main
