Improper Authorization

apache_airflow is vulnerable to improper authorization. A deactivated user is able to continue using the UI or the API with an already authenticated session due to the insufficient checks in `create_a ...


CVSS3 - HIGH

gnutls and nettle security, bug fix, and enhancement update

gnutls [3.7.6-12] - fips: mark PBKDF2 with short key and output sizes non-approved - fips: only mark HMAC as approved in PBKDF2 - fips: mark gnutls_key_generate with short key sizes non-approved - fip ...


CVSS3 - HIGH

JSON Web Token (JWT) Weaknesses?

JSON Web Tokens, or JWTs, are an encoded set of claims commonly seen in REST APIs and single-page web applications (SPAs). These encoded claims are used to provide identification of the requester and ...

Cisco IOS XE Software Web UI Command Injection (cisco-sa-webui-cmdinj-Gje47EMn)

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to ins ...

CVE-2022-39289

ZoneMinder is a free, open source closed-circuit television software application. In affected versions the ZoneMinder API exposes database log contents to users without privileges, allows insertion, mo ...

(RHSA-2022:6890) Important: OpenShift Virtualization 4.8.7 Images bug fixes and security update

This advisory contains the following OpenShift Virtualization 4.8.7 images: RHEL-8-CNV-4.8 ============== vm-import-controller-container-v4.8.7-4 ovs-cni-marker-container-v4.8.7-6 virt-cdi-apiserver-c ...


CVSS3 - CRITICAL

CVSS2 - HIGH

Embracing Virtual Threads

Project Loom has made it into the JDK through JEP 425. It has been available as a preview feature since Java 19 in September 2022. Its goal is to dramatically reduce the effort of writing, maintaining, a ...
