Category: CVSS3 - MEDIUM
[SECURITY] Fedora 37 Update: python-oauthlib-3.2.1-1.fc37

OAuthLib is a generic utility which implements the logic of OAuth without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library ...

CVE-2022-32173

OrchardCore rc1-11259 to v1.2.2 is vulnerable to HTML injection, which allows an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that wil ...

Privilege Escalation

github.com/bytebase/bytebase is vulnerable to privilege escalation. The vulnerability exists due to a lack of verification and validation of users allowing an attacker to access admin 'projects' at en ...

Zammad Access Control Error Vulnerability (CNVD-2022-66765)

Zammad is a suite of ticket management software from Zammad Germany. Version 5.2.1 of Zammad contains an access control error vulnerability, which stems from the existence of faulty access control in ...

Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation

TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client lea ...

ARC Informatique PcVue (Update A)

Information Disclosure

Rancher is vulnerable to information disclosure. Confidential information such as passwords and API keys is stored in Kubernetes objects in plaintext, which allows an attacker with read permission ...

CVE-2022-28815

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query oth ...

CVE-2022-32170

The “Bytebase” application does not restrict low-privilege users from accessing admin “projects”, so an unauthorized user can view the “projects” created by “Admin” and the affected endpoint i ...
