"OfferBox" App provided by i-plug inc. uses a hard-coded secret key for JWT (CWE-321). ## Impact The hard-coded secret key for JWT may be retrieved if the application binary is rever ...
May 10, 2024
Gitlab reports: ReDoS in branch search when using wildcards ReDoS in markdown render pipeline Redos on Discord integrations Redos on Google Chat Integration Denial of Service Attack via Pin Menu DoS b ...
May 09, 2024
The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Token (JWT) JOSE (JSON Object Signing and Encry ...
May 08, 2024
The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Token (JWT) JOSE (JSON Object Signing and Encry ...
May 07, 2024
The version of Atlassian Jira Service Management Data Center and Server (Jira Service Desk) running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15248 advisory. In ...
May 03, 2024
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: CyberPower Equipment: PowerPanel Vulnerabilities: Use of Hard-coded Password, Relative Path Tr ...
May 02, 2024
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2097 advisory. jackson-databind: Possible DoS if using J ...
May 02, 2024
The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-5f984129b2 advisory. NATS.io is a high performance open source pub-sub ...
May 02, 2024