CVE-2023-36456

authentik is an open-source Identity Provider. Prior to versions 2023.4.3 and 2023.5.5, authentik does not verify the source of the X-Forwarded-For and X-Real-IP headers, both in the Python code and t ...

CVE-2023-36461

Mastodon is a free, open-source social network server based on ActivityPub. When performing outgoing HTTP queries, Mastodon sets a timeout on individual read operations. Prior to versions 3.5.9, 4.0.5 ...

CVE-2023-3531

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to ...

CVE-2023-35934

yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different ho ...

CVE-2023-30195

In the module "Detailed Order" (lgdetailedorder) in version up to 1.1.20 from Linea Grafica for PrestaShop, a guest can download personal information without restriction formatted i ...

CVE-2023-36462

Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 2.6.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, an attacker can craft a verified profile link using ...

CVE-2023-29824

A use-after-free issue was discovered in the Py_FindObjects() function in SciPy versions prior to 1.8.0.

CVE-2023-33868

The number of login attempts is not limited. This could allow an attacker to perform a brute force on HTTP basic ...
