An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers were leaked in vulnerability report evidence.
March 28, 2023
discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely constructs a shell string using the file parameter, which can pote ...
March 28, 2023
### Impact Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess t ...
March 27, 2023
Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they d ...
March 27, 2023
### Impact Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess t ...
March 27, 2023
### Impact A malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. To minimize the bug, we built a simple single-layer TensorFlow mod ...
March 27, 2023