A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due t ...
21 August 2023
From a user's perspective, OAuth works like magic. ...
21 August 2023
Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy. This issue affects any version of Apache Ivy pri ...
21 August 2023
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to ...
21 August 2023
Welcome to the 5th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API4:2023 Unrestricted Reso ...
19 August 2023
Cybersecurity researchers have detailed an updated version of an advanced fi ...
19 August 2023