TPAS Log4Shell PoC. This repository contains a Proof of Concept (PoC) for the Log4Shell vulnerability (CVE-2021-44228), developed as part of the coursework for the curricular unit TPAS in the Master ...
October 08, 2024
Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query strings are not redacted and are potentially exposed in system logs which may be persisted. Th ...
October 08, 2024
All versions of the package ggit are vulnerable to Command Injection via the fetchTags(branch) API, which allows user input to specify the branch to be fetched and then concatenates this string along ...
October 08, 2024
All versions of the package ggit are vulnerable to Arbitrary Argument Injection via the clone() API, which allows specifying the remote URL to clone and the file on disk to clone to. The library does ...
October 08, 2024
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST...
October 08, 2024