CVE-2024-5798

Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audie ...

CVE-2024-29849: Veeam discloses Critical Vulnerability that allows attackers to bypass user authentication on its Backup Enterprise Manager web interface

On May 21, 2024, Veeam revealed a severe flaw across its Veeam Backup Enterprise Manager (VBEM) web interface that enables an unauthenticated attacker to log into the web interface as any user. Offici ...

CVE-2024-29855

Hard-coded JWT secret allows authentication bypass in Veeam Recovery ...

Authentication Bypass By Spoofing

github.com/openshift/telemeter/ is vulnerable to Authentication Bypass By Spoofing. The vulnerability is due to improper checks, which allow an attacker to bypass the issuer ("iss") c ...

Authentication Bypass By Spoofing

github.com/kubernetes/kubernetes/ is vulnerable to Authentication Bypass By Spoofing. The vulnerability is due to an improper issuer check, which allows an attacker to bypass the issuer ("iss ...

RHEL 8 : python-jwt (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-jwt: Key con ...
