The Knot Resolver is a DNSSEC-enabled caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core t ...
Continue Reading
October 01, 2022
github.com/bytebase/bytebase is vulnerable to privilege escalation. The vulnerability exists due to a lack of verification and validation of users allowing an attacker to access admin 'projects' at en ...
Continue Reading
October 01, 2022
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 04422df1-40d8-11ed-9be7-454b1dd82c64 advisor ...
Continue Reading
October 01, 2022
Gitlab reports: Denial of Service via cloning an issue Arbitrary PUT request as victim user through Sentry error list Content injection via External Status Checks Project maintainers can access Datado ...
Continue Reading
September 30, 2022
### Impact If the untrusted v8 cached data is passed to the API through CachedDataOptions, the attackers can bypass the sandbox and run arbitrary code in the nodejs process. There are currently no kno ...
Continue Reading
September 30, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading
September 30, 2022
Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an attacker with access to a public Bitbucket repository, or with read permissions ...
Continue Reading
September 30, 2022
I recently recorded an episode of HTTP 203 on `DOMPoint` and `DOMMatrix`. If you'd rather watch the video version, [here it is](), but come back here for some bonus details on a silly mistake I made, ...
Continue Reading
September 30, 2022
Back to Main
