In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. #### Notes Author| Note ---|--- [sbeattie]() | paraview uses ...
Continue Reading
July 01, 2023
A Command Injection in action_power.py in Cobbler prior to v2.6.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) username or (2) password fields to the power ...
Continue Reading
July 01, 2023
## Summary IBM WebSphere Application Server 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. X-F ...
Continue Reading
June 30, 2023
A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from insi ...
Continue Reading
June 30, 2023
Ganeti - Multiple VulnerabilitiesRead More ...
Continue Reading
June 30, 2023
Cap=EF=BF=BD=EF=BF=BD=EF=BF=BDn Proto is an insanely fast data interchange format and capability-based RPC system. Think JSON, except binary. Or think Protocol Buffers, except faster. In fact, in ben ...
Continue Reading
June 30, 2023
Post ContentRead More ...
Continue Reading
June 30, 2023
### Summary An exploitable improper authorization vulnerability exists in admin_peers API of cpp-ethereumâs JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an ...
Continue Reading
June 30, 2023
Back to Main
