CVE-2021-28648

Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 Consumer is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an...

CVE-2021-21298

Node-Red is a low-code programming for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier has a vulnerability which allows arbitrary path traversal via the Projects API. If the Projects feature is enabled, a user with projects.read permission is able to access any file via t...

Recent enhancements for Microsoft Power Platform governance

An emerging trend in digital transformation efforts has been the rise of low-code development platforms. Of course, these low-code platforms must be grounded in best-of-breed governance capabilities which include security and compliance features. Without strong governance, the full benefits of...

Recent enhancements for Microsoft Power Platform governance

An emerging trend in digital transformation efforts has been the rise of low-code development platforms. Of course, these low-code platforms must be grounded in best-of-breed governance capabilities which include security and compliance features. Without strong governance, the full benefits of...

Beijing Guo Torch Information Technology Co. jeecg-boot suffers from SQL injection vulnerability (CNVD-2020-59429)

JeecgBoot is a low-code BPM-based platform. A SQL injection vulnerability exists in Beijing Guo Torch Information Technology Co. jeecg-boot, which can be exploited by an attacker to obtain sensitive information from a database...

Beijing Guo Torch Information Technology Co. jeecg-boot suffers from SQL injection vulnerability (CNVD-2020-59430)

JeecgBoot is a low-code BPM-based platform. A SQL injection vulnerability exists in Beijing Guo Torch Information Technology Co. jeecg-boot, which can be exploited by an attacker to obtain sensitive information from a database...