Category Archives: Advisories

CVE-2020-12507

In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS.

USN-5625-2: Mako vulnerability

USN-5625-1 fixed a vulnerability in Mako. This update provides the corresponding update for
Ubuntu 22.10.

Original advisory details:

It was discovered that Mako incorrectly handled certain regular expressions.
An attacker could possibly use this issue to cause a denial of service.

SEC Consult SA-20221114-0 :: Path Traversal Vulnerability in Payara Platform

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Nov 15

SEC Consult Vulnerability Lab Security Advisory < 20221114-0 >
=======================================================================
title: Path Traversal Vulnerability
product: Payara Platform
vulnerable version: Enterprise: <5.45.0
                    Community: <6.2022.1, <5.2022.4, <4.1.2.191.38
fixed version: Enterprise: 5.45.0
               Community: 6.2022.1, 5.2022.4,…

SEC Consult SA-20221110-0 :: HTML Injection in BMC Remedy ITSM-Suite

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Nov 15

SEC Consult Vulnerability Lab Security Advisory < 20221110-0 >
=======================================================================
title: HTML Injection
product: BMC Remedy ITSM-Suite
vulnerable version: 9.1.10 (= 20.02 in new versioning scheme)
fixed version: 22.1
CVE number: CVE-2022-26088
impact: Low
homepage: https://www.bmc.com/it-solutions/remedy-itsm.html
