API - CVE CyberSecurity Database News (Page 241)

Nov 9, 2023 API Exploit Harbor Project

CVE-2023-20902 - Timing Attack in Harbor Allows Unauthorized Job Task Actions

TL;DR: CVE-2023-20902 is a significant security vulnerability found in various Harbor versions, including 2.6.x and older, 2.7.2 and older, 2.

Nov 8, 2023 API Java Red Hat Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

CVE-2023-4061 - Exploiting Wildfly-Core’s resolve-expression Flaw For Sensitive Information Disclosure

In August 2023, a serious vulnerability (CVE-2023-4061) was disclosed in Wildfly-Core, an important management framework used in many enterprise Java applications. This vulnerability, if left

Nov 7, 2023 RCE Windows API Exploit SQL Veeam One

CVE-2023-38547 - How Attackers Can Use Veeam ONE’s SQL Server Info Leak for RCE

Veeam ONE is a popular monitoring and reporting solution for backup infrastructures—used worldwide by many companies. But in June 2023, a serious security hole,

Nov 7, 2023 Windows Microsoft API Exploit Microsoft Edge (Chromium-based)

CVE-2023-36409 - Inside the Microsoft Edge Chromium-Based Information Disclosure Vulnerability

In the fast-moving world of browsers, Microsoft Edge—now running on Chromium—has become a go-to for Windows users. But like all software, it isn’

Nov 6, 2023 API Exploit GitLab

CVE-2023-4700: GitLab EE Authorization Issue Allows Users to Bypass Required Approvals in Jobs and Run in Protected Environments

A critical authorization issue, tagged as CVE-2023-4700, affects GitLab EE and may allow users, without any required permissions, to run jobs within protected environments. This