YApi mongo Injection Vulnerability Alert
novembro 12, 2022
Overview Recently, NSFOCUS CERT detected that an open source API interface management platform YApi mongo injection vulnerability was publicly released on the Internet. Due to the splicing of a certain function in YApi, MongoDB injection can be realized. Unauthenticated remote attackers can exploit this vulnerability to obtain the user token (including necessary parameters such as […]
Advisory: Open-Source Compression Library Libarchive Code Execution Vulnerability (CVE-2019-18408)
novembro 19, 2019
Overview
Recently, a code execution vulnerability (CVE-2019-18408) was disclosed in the security update of Debian, Ubuntu, Gentoo and other distributions. (mais…)
