The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5485 advisory. - Versions of the package semver before 7 ...
Continue Reading
December 15, 2023
The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-6b89bc0305 advisory. Contains updates to address CVE-2022-{28357,41717} and also ...
Continue Reading
December 15, 2023
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...
Continue Reading
December 15, 2023
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...
Continue Reading
December 15, 2023
An Insecure Permissions issue in WebsiteGuide v.0.2 allows a remote attacker to gain escalated privileges via crafted jwt (JSON web...Read More ...
Continue Reading
December 15, 2023
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...
Continue Reading
December 15, 2023
The [2023 SANS Survey on API Security]() (Jun-2023) found that less than 50 percent of respondents have API security testing tools in place. Even fewer (29 percent) have API discovery tools. Wallarm d ...
Continue Reading
December 15, 2023
next-auth is vulnerable to Improper Authorization. A malicious actor could create an empty/mock user by getting hold of a NextAuth.js-issued JWT from an interrupted OAuth sign-in flow (state, PKCE or ...
Continue Reading
December 15, 2023
Back to Main
