github.com/cometbft/cometbft is vulnerable to Denial of Service (DoS) attacks. A deadlock is introduced when serializing the struct `PeerState` to JSON when the new method `MarshallJSON` is used. One ...
July 20, 2023
**Issue Overview:** A flaw was found in python-rsa, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertex ...
July 20, 2023
There is a SQL injection vulnerability in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end dat ...
July 19, 2023
Vulnerability in the Application Express Team Calendar Plugin product of Oracle Application Express (component: User Account). Supported versions that are affected are Application Express Team Calend ...
July 18, 2023
Vulnerability in the Application Express Customers Plugin product of Oracle Application Express (component: User Account). Supported versions that are affected are Application Express Customers Plugi ...
July 18, 2023
Vulnerability in the Oracle Applications Technology product of Oracle E-Business Suite (component: Reports Configuration). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable ...
July 18, 2023
Vulnerability in the Application Express Administration product of Oracle Application Express (component: None). Supported versions that are affected are Application Express Administration: 18.2-22.2 ...
July 18, 2023
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This rel ...
July 18, 2023
The YARPP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'className' parameter in versions up to, and including, 5.30.3 due to insufficient input sanitization and output escapin ...
July 18, 2023