CVE-2025-58468

A cross-site request forgery CSRF vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: Notification Center 1.10.0.3291...

CVE-2022-36065 GrowthBook account creation and file upload vulnerability in self-hosted configurations

GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...

CVE-2022-36065 GrowthBook account creation and file upload vulnerability in self-hosted configurations

GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...

About the security content of Security Update 2019-002 High Sierra and Security Update 2019-002 Sierra - Apple Support

Install the latest build for your version of macOS Security Update 2019-002 for macOS High Sierra and macOS Sierra has been updated. If your Mac is running macOS High Sierra or macOS Sierra, please update your Mac to use the latest build number for your version of macOS: The latest build number f...

H2O vulnerable to directory traversal

Overview H2O is an open source web server software. H2O contains an issue in processing URL, which may result in a directory traversal CWE-22 vulnerability. Yusuke OSUMI reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...