A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due t ...

Continue Reading

21 августа, 2023

[]() From a user's perspective, OAuth works like magic. ...

Continue Reading

21 августа, 2023

Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy pri ...

Continue Reading

21 августа, 2023

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to ...

Continue Reading

21 августа, 2023

[![](https://blogger.googleusercontent.com/img/a/AVvXsEjbqMpCBUUuH_Cebb86EAw3o01arD1MdWw1KdtOCRSkwF81E7-nCpouAZZpYj6IJCOF6T5uKeSTVMlN4gsmfXObLsJ37Dk5lk1fiQ0acqK_XK8MTP2ZIJd8sUlgLfrrsLvzuM3ur23Sx8lf_VB ...

Continue Reading

20 августа, 2023

Read More ...

Continue Reading

20 августа, 2023

Welcome to the 5th post in our weekly series on the new [2023 OWASP API Security Top-10]() list, with a particular focus on security practitioners. This post will focus on [API4:2023 Unrestricted Reso ...

Continue Reading

19 августа, 2023

[]() Cybersecurity researchers have detailed an updated version of an advanced fi ...

Continue Reading

19 августа, 2023