SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. The `spicedb serve` command contains a flag named `--grpc-pres ...
Continue Reading
May 01, 2023
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers may have been able to obtain sensitive access-token data fro ...
Continue Reading
May 01, 2023
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. Attackers may have been able to obtain sensitive access-token data fro ...
Continue Reading
May 01, 2023
An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to ...
Continue Reading
May 01, 2023
github.com/authzed/spicedb is vulnerable to Information Disclosure. The vulnerability exists in the `MetricsHandler` function in `defaults.go` because it exposes the `--grpc-preshared-key` flag in the ...
Continue Reading
May 01, 2023
## Security Advisory 0086 _._CSAF PDF #### Date: April 25, 2023 Revision | Date | Changes ---|---|--- 1.0 | April 25, 2023 | Initial release The CVE-ID tracking this issue: CVE-2023-24512 CVSSv3.1 ...
Continue Reading
May 01, 2023
ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can cra ...
Continue Reading
May 01, 2023
Kotlin is a beautiful language that makes it trivial to take old Java libraries and make them much more concise, just by virtue of the Kotlin syntax itself. It shines, however, when you write DSLs. He ...
Continue Reading
March 16, 2023
Back to Main
