Category: CVSS3 - CRITICAL
Security Bulletin: IBM DataPower Gateway potentially vulnerable to HTTP request smuggling

Summary: These flaws have the potential to affect the API Gateway service. IBM has addressed the CVEs. Vulnerability Details: **CVEID:** CVE-2022-32213 **DESCRIPTION:** Node.js is vulnerable ...

Apache SOAP authentication error vulnerability

Apache SOAP is used as a client-side library by the Apache Foundation to invoke SOAP services available elsewhere, and as a server-side tool to implement SOAP-accessible services. An authentication er ...

Atlassian Releases Patches for Critical Flaws Affecting Crowd and Bitbucket Products

Privilege Escalation

dolibarr/dolibarr is vulnerable to privilege escalation. The vulnerability exists due to improper authorization checks in the library, allowing an attacker to escalate privileges via crafted API call, ...

Apache SOAP contains unauthenticated RPCRouterServlet

**UNSUPPORTED WHEN ASSIGNED** In the default configuration of Apache SOAP, an RPCRouterServlet is available without authentication. This gives an attacker the possibility to invoke methods on the cl ...

Deserialization Of Untrusted Data

soap is vulnerable to untrusted data deserialization. The vulnerability exists due to lack of authentication in `RPCRouterServlet`, which allows an attacker to execute arbitrary code on the system. R ...

Quest NetVault Backup NVBUJobCountHistory SQL Injection (CVE-2017-17420)

An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. The vulnerability is due to improper validation of user-supplied input on JSON-RPC requests invoki ...

(RHSA-2022:7624) Moderate: php:8.0 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php (8.0.20). (BZ#2100876) Security Fix(es) ...

(RHSA-2022:7628) Moderate: php:7.4 security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php (7.4.30), php-pear (1.10.13). (BZ#20554 ...
