Homepage is a highly customizable homepage with Docker and service API integrations. The default setup of homepage 0.9.1 is vulnerable to DNS rebinding. Homepage is set up without certificate and authe ...
August 23, 2024
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have the same local name attributes. If you need to parse untrus ...
August 23, 2024
authentik is an open-source Identity Provider. Several API endpoints can be accessed by users without correct authentication/authorization. The main API endpoints affected by this are /api/v3/crypto/c ...
August 23, 2024
Logging is a long-established part of troubleshooting applications and one of the three pillars of observability, next to metrics and traces. No one likes flying blind in production, and when incident ...
August 23, 2024
TL;DR: Rooting is useful for Android assessments. The process is relatively simple. It will wipe all user data from the device and void any warranty. Introduction: For mobile testing, be it for apps or h ...
August 23, 2024
Security Advisory. Description: Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Enc ...
August 23, 2024
Summary: IBM Concert Software uses multiple open source libraries which are susceptible to various security vulnerabilities. Vulnerability Details: CVEID: CVE-2015-5739. DESCRIPTION: Go is vulnerab ...
August 22, 2024