The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have I ...
September 02, 2025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access ...
September 02, 2025
The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorizatio ...
September 02, 2025
The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorizatio ...
September 02, 2025
Name of the Vulnerable Software and Affected Versions: Payload versions prior to 3.44.0 Description: A session fixation issue existed in Payload's SQLite adapter due to identifier reuse during ac ...
September 02, 2025
Name of the Vulnerable Software and Affected Versions: Payload versions prior to 3.44.0 Description: Payload utilizes JSON Web Tokens (JWT) for authentication. Following a user logout, the JWT is not ...
September 02, 2025
jwe is vulnerable to Brute-force Attack. The vulnerability is due to insufficient validation of JWE authentication tags, which allows an attacker to brute force tags, recover the GCM GHASH key, and cr ...
September 02, 2025
This Metasploit module executes a payload within a Kubernetes...
September 02, 2025