The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of get_items_ ...
Continue Reading
June 07, 2024
CyberPower PowerPanel business application code contains a hard-coded JWT signing key. This could result in an attacker forging JWT tokens to bypass...Read More ...
Continue Reading
June 06, 2024
'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to 2.6.14 use a hard-coded secret key for JWT. Secret key for JWT may be retrieved if ...
Continue Reading
June 06, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of get_items_ ...
Continue Reading
June 06, 2024
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT).. ...
Continue Reading
June 06, 2024
An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the pas ...
Continue Reading
June 06, 2024
An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the pas ...
Continue Reading
June 06, 2024
An attacker with access to the private network (the charger is connected to) or local access to the Ethernet-Interface can exploit a faulty implementation of the JWT-library in order to bypass the pas ...
Continue Reading
June 06, 2024
Back to Main
