CVE-2023-3452
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execu ...
August 12, 2023
(RHSA-2023:4623) Important: Red Hat OpenShift Service Mesh 2.2.9 security update
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* envoy: Clie ...
August 11, 2023
(RHSA-2023:4624) Important: Red Hat OpenShift Service Mesh Containers for 2.3.6 security update
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
Security Fix(es):
* ...
August 11, 2023
Metasploit weekly wrap-up
## New module content (1)
### Metabase Setup Token RCE

Authors: Maxwell Garrett, Shubham Shah, and ...
August 11, 2023
Metabase Remote Code Execution Exploit
Metabase versions before 0.46.6.1 contain a flaw where the secret setup-token is accessible even after the setup process has been completed. With this token a user is able to submit the setup function ...
August 09, 2023
CVE-2023-3717
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farmakom Remote Administration Console allows SQL Injection. This issue affects Remote Administrati ...
August 08, 2023
CVE-2023-3898
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mAyaNet E-Commerce Software allows SQL Injection. This issue affects E-Commerce Software: before 1. ...
August 08, 2023
(RHSA-2023:4335) Important: Security Update for cert-manager Operator for Red Hat OpenShift 1.10.3
The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it pos ...
August 08, 2023