CVE-2022-2258
In affected versions of Octopus Deploy it is possible for a user to view Tagsets without being explicitly assigned permissions to view these items Read...
USN-5943-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could...
DSA-5372 rails – security update
Multiple vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect. Read...
CVE-2016-15028
A vulnerability was found in ICEPAY REST-API-NET 0.9. It has been declared as problematic. Affected by this vulnerability is the function RestClient of the file...
CVE-2021-46875
An issue was discovered in eZ Platform Ibexa Kernel before 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html...
CVE-2021-46876
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence. Read More
Full Disclosure – Fastly
Posted by Andrey Stoykov on Mar 11 Correspondence from Fastly declined to comment regarding new discovered vulnerabilities within their website. Poor practices regarding password changes....
Full Disclosure – Shopify Application
Posted by Andrey Stoykov on Mar 11 Correspondence from Shopify declined to comment regarding new discovered vulnerabilities within their website. Although 'frontend' vulnerabilities are considered...
CVE-2013-10021
A vulnerability was found in dd32 Debug Bar Plugin up to 0.8. It has been declared as problematic. Affected by this vulnerability is the function...
CVE-2020-5002
IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. IBM X-Force ID: 192954. Read...