Import tokens valid for one account may be used for any other account. Validation of Import token bindings incorrectly warns on mismatches, rather than rejecting the token. This permits a token for on ...
July 01, 2022
The ScalarMult implementation of curve P-256 for amd64 architectures generates incorrect results for certain specific input points. An adaptive attack can progressively extract the scalar input to Sca ...
July 01, 2022
A malicious account can create and sign a User JWT which causes a panic when decoded by the NATS JWT library.
July 01, 2022
The AuthenticateMethod authentication hook is not called for WebSocket connections, allowing unauthenticated access. This issue only affects WebSockets with an AuthenticateMethod hook. Request handler ...
July 01, 2022
An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.
July 01, 2022
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.
July 01, 2022
An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.
July 01, 2022
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery v ...
July 01, 2022