Exploit for Authentication Bypass by Spoofing in Python-Jwt Project Python-Jwt

# CVE-2022-39227 CVE-2022-39227 : Proof of Concept Proof of co...Read More ...

Continue Reading

June 07, 2023

CVSS3 - CRITICAL

CVSS2 - MEDIUM

PocketMine-MP vulnerable to server crash with certain invalid JSON payloads in `LoginPacket` due to vulnerable dependency

### Impact An attacker could crash the server by sending malformed JWT JSON in `LoginPacket` due to a security vulnerability in [`netresearch/jsonmapper`](https://github.com/cweiske/JsonMapper), due t ...

Continue Reading

June 06, 2023

PocketMine-MP vulnerable to server crash with certain invalid JSON payloads in `LoginPacket` due to vulnerable dependency

### Impact An attacker could crash the server by sending malformed JWT JSON in `LoginPacket` due to a security vulnerability in [`netresearch/jsonmapper`](https://github.com/cweiske/JsonMapper), due t ...

Continue Reading

June 06, 2023

Moxa MXsecurity Series Hard-coded JWT Key Authentication Bypass (CVE-2023-33236)

The Moxa MXsecurity Series running on the remote host uses a hard-coded JWT key. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to bypass authentication to perf ...

Continue Reading

June 05, 2023

Pydio Cells 4.1.2 – Unauthorised Role Assignments

Post ContentRead More ...

Continue Reading

June 01, 2023

Pydio Cells 4.1.2 – Cross-Site Scripting (XSS) via File Download

Post ContentRead More ...

Continue Reading

June 01, 2023

Pydio Cells 4.1.2 – Server-Side Request Forgery

Post ContentRead More ...

Continue Reading

June 01, 2023

CVE-2023-34088

Collabora Online is a collaborative online office suite. A stored cross-site scripting (XSS) vulnerability was found in Collabora Online prior to versions 22.05.13, 21.11.9.1, and 6.4.27. An attacker ...

Continue Reading

May 31, 2023

1 2 3 35

Back to Main
Subscribe for the latest news: