CVE-2024-28238

Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security ri ...

Continue Reading

May 23, 2025

CVE-2024-28238

Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security ri ...

Continue Reading

May 23, 2025

CVE-2024-33531

cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by crafting a JWT with an enc header with the value...Read More ...

Continue Reading

May 23, 2025

CVE-2024-28238

Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security ri ...

Continue Reading

May 23, 2025

CVE-2024-54150

cjwt is a C JSON Web Token (JWT) Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between ...

Continue Reading

May 23, 2025

CVE-2023-48176

An Insecure Permissions issue in WebsiteGuide v.0.2 allows a remote attacker to gain escalated privileges via crafted jwt (JSON web...Read More ...

Continue Reading

May 23, 2025

CVE-2024-54150

cjwt is a C JSON Web Token (JWT) Implementation. Algorithm confusion occurs when a system improperly verifies the type of signature used, allowing attackers to exploit the lack of distinction between ...

Continue Reading

May 23, 2025

CVE-2023-48176

An Insecure Permissions issue in WebsiteGuide v.0.2 allows a remote attacker to gain escalated privileges via crafted jwt (JSON web...Read More ...

Continue Reading

May 23, 2025

1 195 196 197 198 199 551

Back to Main
Subscribe for the latest news: