Improper JWT Signature Validation in SAP Security Services Library

Impact: SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) allows, under certain conditions, an escalation of privileges. On successful exploitation, an un ...

CVE-2023-6762

A vulnerability, which was classified as critical, was found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /article/DelectArticleById/ of the component Article Handler. The mani ...

Security Bulletin: Operations Dashboard is vulnerable to remote code execution, privilege escalation, and denial of service due to multiple Go vulnerabilities

Summary: Operations Dashboard is vulnerable to remote code execution, privilege escalation, and denial of service due to multiple Go vulnerabilities with details below (CVE-2023-29405, CVE-2023-2940 ...


CVSS3 - CRITICAL

CVSS2 - HIGH

CVE-2023-39846

An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.


CVSS3 - CRITICAL

CVSS2 - HIGH

CVE-2023-40171

Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in an error message when the `Dispatch Plugin - Basic Authenticat ...


CVSS3 - HIGH

CVSS2 - MEDIUM

Tackling the OAuth2 Client component model in Spring Security

In Spring Security 5, we saw many developments in the OAuth2 story with the introduction of OAuth2 Resource Server and OAuth2 Client into the framework. Today, it is quite convenient to develop applic ...

mTLS: When certificate authentication is done wrong

Although X.509 certificates have been here for a while, they have become more popular for client authentication in zero-trust networks in recent years. Mutual TLS, or authentication based on X.509 ...


CVSS3 - HIGH

CVSS2 - MEDIUM
