Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-38124: Portal

Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5. The vulnerability could be exploited resulting in remote code execution.

CVE

Related news

CVE-2021-37124: Security Advisory - Path Traversal Vulnerability in Huawei PC Product

There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain path.Affected product versions include:PC Smart Full Scene 11.1 versions PCManager 11.1.1.97.

Fugue Adds Kubernetes Security Checks to Secure Infrastructure-As-Code

Developers can apply proper security controls as they programmatically deploy Kubernetes clusters.

Fugue Adds Kubernetes Security Checks to Secure Infrastructure-as-Code

Developers can apply proper security controls as they programmatically deploy Kubernetes clusters.

IDrive Remote Desktop Offers Protection from RDP Cyberattacks and Vulnerabilities

Remote Desktop aims to solve vulnerability issues with RDP by implementing robust access and security controls.

Dolibarr ERP / CRM 14.0.2 Cross Site Scripting / Privilege Escalation

Dolibarr ERP and CRM 14.0.2 suffers from a persistent cross site scripting vulnerability that enables privilege escalation.

CVE-2021-22930: HackerOne

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

CVE-2021-40310: OpenSIS 8.0 'cp_id_miss_attn' - Reflected Cross-Site Scripting (XSS) PoC

OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.

CVE-2021-40868: Cloudron 6.2 Cross Site Scripting ≈ Packet Storm

In Cloudron 6.2, the returnTo parameter on the login page is vulnerable to Reflected XSS.

CVE-2021-22528: Cross-Site Scripting Vulnerability (CVE-2021-22528)

Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

CVE-2021-22526: Potential redirection vulnerability (CVE-2021-22526)

Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

CVE-2021-22527: Potential information leakage vulnerability (CVE-2021-22527)

Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907