CVE-2023-28656
NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment.  Note: Software versions which have reached End of Tech ...
Continue Reading
May 03, 2023
CVE-2023-29163
When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End ...
Continue Reading
May 03, 2023
CVE-2023-28742
When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated ...
Continue Reading
May 03, 2023
CVE-2023-27378
Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently l ...
Continue Reading
May 03, 2023
CVE-2023-28724
NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager.  ...
Continue Reading
May 03, 2023
CVE-2023-28656
NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment.  Note: Software versions which have reached End of Tech ...
Continue Reading
May 03, 2023
(RHSA-2023:2083) Moderate: Red Hat Advanced Cluster Management 2.6.5 security updates and bug fixes
Red Hat Advanced Cluster Management for Kubernetes 2.6.5 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site r ...
Continue Reading
May 02, 2023
Debian DLA-3409-1 : libapache2-mod-auth-openidc – LTS security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3409 advisory. - A flaw was found in mod_auth_openidc before version 2.4.1. An ...
Continue Reading
May 02, 2023
Wordfence Intelligence Weekly WordPress Vulnerability Report (Apr 17, 2023 to Apr 23, 2023)
Last week, there were 152 vulnerabilities disclosed in 134 WordPress Plugins and 0 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 41 Vulnera ...
Continue Reading
May 01, 2023
Denial Of Services (DoS)
graphql-java is vulnerable to Denial Of Services (DoS). An attacker can send a maliciously crafted GraphQL query that causes excessive stack consumption, which can lead to an application crash.Read Mo ...
Continue Reading
May 01, 2023
