Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump
This module uses a blind SQL injection (CVE-2020-5724) affecting the Grandstream UCM62xx IP PBX to dump the users table. The injection occurs over a websocket at the websockify endpoint, and specifica ...
July 01, 2023
Palo Alto Networks Firewalls – Root Remote Code Execution
Palo Alto Networks Firewalls - Root Remote Code Execution
July 01, 2023
July 7th 2022 Security Releases
By Rafael Gonzaga, 2022-07-07
## _(Update 07-July-2022)_ Security releases available
Updates are now available for the v18.x, v16.x, and v14.x Node.js release lines f ...
June 30, 2023
Critical: java-1.7.0-openjdk
**Issue Overview:**
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbit ...
June 30, 2023
PYSEC-2017-101
Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c.
June 30, 2023
Gitlab — multiple vulnerabilities
Gitlab reports:
SSRF GCP access token disclosure
Persistent XSS on issue details
Diff formatter DoS in Sidekiq jobs
Confidential information disclosure in events API endpoint
validate_localhost functi ...
June 30, 2023
[SECURITY] Fedora 31 Update: kata-runtime-1.11.1-3.fc31
Kata runtime to run containers in virtual machines. Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel a ...
June 30, 2023
Security Bulletin: App Connect Enterprise Certified Container is vulnerable to code injection and Denial of Service attacks
## Summary
App Connect Enterprise Certified Container Integration Servers and Designers are vulnerable to code injection and Denial of Service attacks due to CVE-2020-7766 and CVE-2020-7768.
## Vulnera ...
June 30, 2023
Security Advisory 0071
#### **Date:** January 11th, 2022
Revision | Date | Changes
---|---|---
1.0 | January 11th, 2022 | Initial release
### Security Advisory 0071
The CVE-ID tracki ...
June 30, 2023