CVE-2024-37843

Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API...Read More ...

Continue Reading
This Week in Spring – June 25th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this I'm in beautiful Amsterdam, having visited with customers and spoken at a local Java User Group. Now I' ...

Continue Reading
HackerOne: [IDOR] Improper Access Control on Embedded Submission Form

The researcher discovered an improper access control vulnerability that allowed them to access sensitive program information for private/inactive embedded submission forms by leveraging the form' ...

Continue Reading
CVE-2024-4006 Incorrect Authorization in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 w ...

Continue Reading
10 years of the GitHub Security Bug Bounty Program

Each year, we celebrate the GitHub Security Bug Bounty program, highlighting impressive bugs and researchers, rewards, live hacking events, and more. This year, we celebrate a new milestone: 10 years ...

Continue Reading
This Week in Spring – June 11th, 2024

This Week in Spring - June 10th, 2024 Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm in Paris, France, to talk to organizations using and working with Spring. Then, n ...

Continue Reading
RHEL 8 : Satellite 6.13.1 Async Security Update (Moderate) (RHSA-2023:3387)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3387 advisory. Red Hat Satellite is a system management solution th ...

Continue Reading
CVE-2024-2440

A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on a detached repository by making a GraphQL mutation to alter repository permissions while the repositor ...

Continue Reading

Back to Main

Subscribe for the latest news: