Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
1509 Results
Critical Vulnerability in Zoho ManageEngine Products
ManageEngine released an advisory to address a Critical vulnerability in several Zoho ManageEngine Products. An attacker could exploit this vulnerability to perform unauthenticated remote code execution.
High Vulnerability Apache SOAP
Mandiant reported a High vulnerability in Apache Soap. An attacker could exploit this vulnerability to perform unauthenticated remote code execution. For a complete description of the vulnerabilities and affected systems go to CVE-2022-45378 Detail . IT Security Read more about IT Security service offerings.
Vulnerabilities in Oracle Products
Oracle released their January Critical Patch Update to address vulnerabilities in Oracle products. For a complete description of the vulnerabilities and affected systems go to Oracle Critical Patch Update Advisory - January 2022. IT Security
Critical Vulnerabilities in Git
The maintainers of the Git source code version control system have released updates to remediate two Critical vulnerabilities in Git. An attacker could exploit some of these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to:
Vulnerability in Cacti Servers
NIST reported a vulnerability in Cacti servers. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. For a complete description of the vulnerabilities and affected systems go to CVE-2022-46169 Detail. IT Security
High Vulnerabilities in Mozilla Products
Mozilla released security updates to address High vulnerabilities in Firefox ESR and Firefox. An attacker could exploit some of these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to Mozilla Foundation Security Advisories. IT Security
Vulnerability in the Linux Foundation loopback-connector-postgresql 5.5.0 for Node[.]js.
Mandiant reported a vulnerability in the Linux Foundation loopback-connector-postgresql 5.5.0 for Node[.]js. Improper input validation on the `contains` LoopBack filter may allow for arbitrary SQL injection For a complete description of the vulnerabilities and affected systems go to CVE-2022-35942 Detail. IT Security
Vulnerabilities Affecting Multiple Juniper Products
Juniper Networks has released security updates to address vulnerabilities affecting multiple Juniper products.
Vulnerability Impacting Drupal Private Taxonomy Terms
Drupal has released a Moderately Critical security advisory to address a vulnerability in Drupal Private Taxonomy Terms. An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms. For a complete description of the vulnerabilities and affected systems go to Private Taxonomy Terms - Moderately critical - Access bypass - SA-CONTRIB-2023-001.
High Vulnerability in the Open Source jsonwebtoken (JWT) Library
NIST reported a High vulnerability the open source jsonwebtoken (JWT) library. An attacker could exploit these vulnerabilities to take control of an affected system. If a malicious actor has the ability to modify the key retrieval parameter (referring to the `secretOrPublicKey` argument from the readme link of the `jwt.verify()` function, they can write arbitrary files on the host machine.