The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-66966ae3d0 advisory. A malicious HTTP/2 client which rapidly creates r ...
Continue Reading
December 15, 2023
Summary The json-web-token library is vulnerable to a JWT algorithm confusion attack. Details On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT t ...
Continue Reading
December 15, 2023
NextAuth.js provides authentication for Next.js. next-auth applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could cre ...
Continue Reading
December 15, 2023
[]() While application development has evolved rapidly, the API man ...
Continue Reading
December 15, 2023
A hard-coded cryptographic private key used to sign JWT authentication tokens in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate arbitrary users and roles in web management and RES ...
Continue Reading
December 15, 2023
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-6420 advisory. Grafana is an open-source platform for monitoring an ...
Continue Reading
December 15, 2023
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-6420 advisory. Grafana is an open-source platform for monitoring an ...
Continue Reading
December 15, 2023
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...
Continue Reading
December 15, 2023
Back to Main
