Connect with us
Older versions of the Spotify Backstage development portal builder are vulnerable to a critical (CVSS score: 9.8) unauthenticated remote code execution flaw allowing attackers to run...
A prototype pollution vulnerability that could lead to remote code execution (RCE) in Parse Server has been patched. An attacker could potentially trigger RCE through the...
The REST API of Plesk was vulnerable to client-side request forgery (CSRF), which could lead to multiple potential attacks, including malicious file upload and the takeover of the...
Analysts at Orca Security have found a critical vulnerability affecting Azure Cosmos DB that allowed unauthenticated read and write access to containers. Named CosMiss, the security...
A much-anticipated security update from OpenSSL landed today (November 1) but its impact appears to be considerably less than developers initially feared. OpenSSL 3.0.7 tackles two vulnerabilities...
VMware released security updates to address the CVE-2021-39144 flaw reported by Sina Kheirkhah of MDSec and Steven Seeley of Source Incite on Tuesday. Additionally, because of the severity...
VMWare has patched a critical vulnerability in the management service for NSX, its network virtualization and security platform. The vulnerability, caused by an old deserialization bug...
VMware has released security updates today to fix a critical vulnerability in VMware Cloud Foundation, a hybrid cloud platform for running enterprise apps in private or...
Melis Platform, the open source e-commerce and content management system (CMS), was vulnerable to remote code execution (RCE) via a critical deserialization vulnerability. Tracked as CVE-2022-39297 and with a CVSS score of...
Security researchers have discovered a serious vulnerability in HyperSQL DataBase (HSQLDB) that poses a remote code execution (RCE) risk. HSQLDB offers a Java-based SQL relational database...
Recent Comments