Planet’s secret file is created with excessive permissions

Impact: The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but its permissions allowed the user's group and non-group to read the fil ...

Threat Roundup for May 5 to May 12

Today, Talos is publishing a glimpse into the most prevalent threats we've observe ...

etcd Key name can be accessed via LeaseTimeToLive API

Impact: The LeaseTimeToLive API allows access to key names (not values) associated with a lease when the `Keys` parameter is true, even if a user doesn't have read permission to the keys. The impact is limited t ...

Solving Your Teams Secure Collaboration Challenges

In today's interconnected world, where organisations regularly exchange sens ...

CVE-2023-32076

in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from dir ...

CVE-2023-28522

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Access Control Bypass

drupal/core is vulnerable to Access Control Bypass. The API was not integrated with existing permission controls, resulting in access bypass for users who have access to revisions of content, but not ...

CVSS3 - MEDIUM
