CVSS3 - LOW - API Security Blog

Authentication Bypass

flarum is vulnerable to Authentication Bypass. The vulnerability exists because the library does not properly check access for post creation when the first post is deleted, allowing an attacker who ca ...

January 27, 2023

CVE-2023-21889

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerab ...

January 18, 2023

CVE-2023-21882

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privi ...

January 18, 2023

CVE-2023-21843

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.1 ...

January 18, 2023

CVE-2023-21885

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerab ...

January 18, 2023

CVE-2023-21874

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high ...

January 18, 2023

Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability in Kubernetes (CVE-2021-25740)

## Summary An information disclosure vulnerability in Kubernetes used by IBM InfoSphere Information Server was addressed. ## Vulnerability Details ** CVEID: **[CVE-2021-25740]() ** DESCRIPTION: **Kube ...

January 03, 2023