It was observed that while login into Business-central console, HTTP request discloses sensitive information like username and password when intercepted using some tool like burp…

Sensitive information can be obtained through the handling of serialized data. The issue results from the lack of proper authentication required to query the server…

A flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of-service by accessing a file with a large modification date. The…

It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication.…

It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed…

Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite – Control and I/O, ABB Base Software…

A command injection vulerability found in quick game engine allows arbitrary remote code in quick app. Allows remote attacke0rs to gain arbitrary code execution in…

The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager (IPM 1) versions…

The vulnerability exists due to insufficient validation of input from certain resources by the IPP software. The attacker would need access to the local Subnet…

Improper cleaning of secure memory between authenticated users can lead to face authentication bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon…