K000138679 : GoLang vulnerabilities CVE-2023-24540, CVE-2023-29400, and CVE-2023-29403

Security Advisory Description CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set & ...

CVE-2024-1547

The Mozilla Foundation Security Advisory describes this flaw as: Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the ...

How to stay safe from repo-jacking

“Repo-jacking” is a type of supply chain attack that has received attention for its potential impact on open source software. In this blog post, I’ll explain what repo-jacking is and what you ca ...

Ivanti Connect Secure Unauthenticated Remote Code Execution

Data Matters - Empowering Threat Hunters to Reduce API Risk

CVE-2022-45177

An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintegration/user/isenableuser endpoint, the /api/v1/sharedsearc ...

CVE-2023-46241

discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Dis ...

CVE-2022-45179

An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter and /dashb ...
