Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovere ...
April 19, 2024
Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "no ...
April 19, 2024
Tolgee is an open-source localization platform. When an API key created by an admin user is used, it bypasses the permission check entirely. This error was introduced in v3.57.2 and immediately fixed in...
April 19, 2024
Tolgee is an open-source localization platform. For the /v2/projects/translations and /v2/projects/{projectId}/translations endpoints, translation data was returned even when the API key was missing trans ...
April 19, 2024
An issue in andrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateIntern ...
April 18, 2024
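The password check in the source code uses the != operator instead of hmac.Equal, which may introduce a timing attack vulnerability that allows the password to be brute-forced. It is recommended to use hmac.Equal...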
April 18, 2024