CVE-2023-4599
The Slimstat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eeb_mailto' shortcode in versions up to, and including, 2.1.7 due to insufficient input sanitization a ...
August 30, 2023
Security Bulletin: gRPC component is vulnerable to CVE-2023-32731 is used by IBM Maximo Application Suite
## Summary
IBM Maximo Application Suite uses the gRPC package, which is vulnerable to CVE-2023-32731.
## Vulnerability Details
**CVEID:** CVE-2023-32731
**DESCRIPTION:** gRPC could allow a remote att ...
August 29, 2023
CVE-2023-0921
A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue descri ...
August 29, 2023
CVE-2023-38028
Saho's attendance devices ADM100 and ADM-100FP have insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication to read system informat ...
August 28, 2023
CVE-2023-38030
Saho's attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication for critical functions. An unauthenticated remote attacker can execute system commands in partial web ...
August 28, 2023
CVE-2023-40027
Keystone is an open source headless CMS for Node.js, built with GraphQL and React. When `ui.isAccessAllowed` is set as `undefined`, the `adminMeta` GraphQL query is publicly accessible (no sessi ...
August 27, 2023
CVE-2023-40171
Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in error message when the `Dispatch Plugin - Basic Authenticat ...
August 27, 2023
CVE-2023-24515
Server-Side Request Forgery (SSRF) vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https ...
August 27, 2023
CVE-2023-1428
There exists a vulnerability causing an abort() to be called in gRPC.
The following headers cause gRPC's C++ implementation to abort() when called via http2:
te: x (x != trailers)
:scheme: x (x ! ...
August 27, 2023
Important Photon OS Security Update – PHSA-2023-5.0-0078
Updates of ['grpc'] packages of Photon OS have been released.
August 27, 2023