Description Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did
Description Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta3 on the
Description An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback
Description Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can use the “message” parameter to inject
Description GeoTools is an open source Java library that provides tools for geospatial data. Prior to versions 31.2, 30.4, and
Description Improper Validation of Array Index vulnerability in Samsung Open Source Walrus Webassembly runtime engine allows a segmentation fault issue.
Description GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.6,
Description Fiber is an Express-inspired web framework written in Go A vulnerability present in versions prior to 2.52.5 is a
Description The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is
Description The N-central server is vulnerable to an authentication bypass of the user interface. This vulnerability is present in all
Description Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A
Description authentik is an open-source Identity Provider. Access restrictions assigned to an application were not checked when using the OAuth2
The smooth and connected digital world is also an arena for cybercriminals who organize account takeover (ATO) attacks. Consider this:
Description The WordPress Plugin for Google Maps – WP MAPS plugin for WordPress is vulnerable to SQL Injection via the
Description A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions
Description BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote code execution.
Description Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the
Identity and Access Management (IAM or IdAM) is a set of policies, procedures, and technologies that enable organizations to manage
Description IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script.
HTTPS cookies, essential for website functionality and user experience, become a security liability when not adequately secured. These small data
Description The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in
Description Envoy is a cloud-native, open source edge and service proxy. Envoyproxy with a Brotli filter can get into an
Insider threats refer to security risks caused by people inside an organization who are authorized to access confidential systems, data,
Prophaze’s Comprehensive Approach to API Security in the Patient-Centric Digital Health Era In the realm of modern healthcare, where digital