CVE-2019-19791
In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache HTTP
Server configuration does not properly restrict access to SOAP/REST
endpoints (when some LemonLDAP::NG setup options are used) ...
June 07, 2023
(RHSA-2023:3366) Important: OpenShift Container Platform 4.13.2 packages and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages ...
June 07, 2023
Security Bulletin: IBM Security Directory Suite is vulnerable to multiple issues
## Summary
Multiple Security Vulnerabilities in the IBM Security Directory Suite have been addressed by code updates and updating the relevant components.
## Vulnerability Details
**CVEID:** [CVE-202 ...
June 06, 2023
(RHSA-2023:3441) Important: Red Hat OpenStack Platform 17.0 (etcd) security update
A highly-available key value store for shared configuration
Security Fix(es):
* Information disclosure via debug function (CVE-2021-28235)
* Key name can be accessed via LeaseTimeToLive API (CVE-2023-3 ...
June 05, 2023
CVE-2023-30603
Hitron Technologies CODA-5310 has a Telnet function with a default account and password, and there is no warning or prompt asking users to change the default password and account. An unauthenticated remot ...
June 02, 2023
CVE-2023-30604
A vulnerability of insufficient authentication has been identified in the system configuration interface of Hitron Technologies CODA-5310. An unauthorized remote attacker can exploit this vulnerability t ...
June 02, 2023
CVE-2023-28701
ELITE TECHNOLOGY CORP. Web Fax has an SQL injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to perform arbitrary system comma ...
June 02, 2023
CVE-2023-28698
Wade Graphic Design FANTSY has an insufficient authorization check vulnerability. An unauthenticated remote user can exploit this vulnerability by modifying URL parameters to gain administrator priv ...
June 02, 2023
CVE-2023-3000
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Erikoglu Technology ErMon allows Command Line Execution through SQL Injection, Authentication Bypa ...
June 02, 2023
Private APIs at Risk: Q1-2023 API ThreatStats™ Report
According to a Mar-2022 API survey by Gartner, 98% of organizations use or are planning to use internal APIs – up from 88% in 2019. And 90% of organizations use or are planning to use private API ...
June 01, 2023