Pydio Cells 4.1.2 Server-Side Request Forgery

Post ContentRead More ...

Continue Reading

May 30, 2023

Pydio Cells 4.1.2 Privilege Escalation

Post ContentRead More ...

Continue Reading

May 30, 2023

Pydio Cells 4.1.2 Cross Site Scripting

Post ContentRead More ...

Continue Reading

May 30, 2023

CVE-2021-3509

A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used ...

Continue Reading

May 25, 2023

CVE-2021-29157

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location ...

Continue Reading

May 25, 2023

CVE-2020-26160

jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fail ...

Continue Reading

May 25, 2023

CVE-2022-29217

PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT ...

Continue Reading

May 25, 2023

Moxa MXsecurity Series Hardcoded JWT Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Moxa MXsecurity Series appliances. Authentication is not required to exploit this vulnerability. The sp ...

Continue Reading

May 24, 2023

1 152 153 154 155 156 187

Back to Main
Subscribe for the latest news: