Improper Removal of Sensitive Information Before Storage or Transfer in irrd

IRRd did not always filter password hashes in query responses relating to `mntner` objects and database exports. This may have allowed adversaries to retrieve some of these hashes, perform a brute-for ...

This Week in Spring – March 29th, 2022

Aloha, Spring fans, from beautiful Maui, Hawaii, where I am with my family on a bit of vacation. It's our daughter's Spring break and so we're enjoying the family time while we can get it! I wanted to ...

This Week in Spring – May 24th, 2022

Hi, Spring fans! I'm in Spain for business and not just a little pleasure. Yesterday, my partner, her mother, and I went to Formentera, Spain, a little island off of Ibiza, Spain. It was amazing. We'r ...

Remote Code Execution (RCE)

graphql-upload is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the file name via the `upload` function.

Constrained environment breakout. .NET Assembly exfiltration via Internet Options

It’s not uncommon for developers to find that they need to help their end users. For starters, the business r ...

Graphql-Threat-Matrix – GraphQL Threat Framework Used By Security Professionals To Research Security Gaps In GraphQL Implementations

GitLab 13.10 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 Unauthorized Access

According to its self-reported version, the instance of GitLab running on the remote web server is 13.10 prior to 14.4.5, 14.5.0 prior to 14.5.3, or 14.6.0 prior to 14.6.2. It is, therefore, vulnerabl ...
