Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to a denial of service attack due to Connect2id Nimbus-JOSE-JWT (CVE-2023-52428)

Summary: Integrated File Agent used by IBM Sterling Connect:Direct for Microsoft Windows uses Connect2id Nimbus-JOSE-JWT. This bulletin identifies the steps to take to address the vulnerability. Vulner ...

CVE-2024-28255

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The JwtFilter handles the A ...

Token Exchange support in Spring Security 6.3.0-M3

I'm excited to share that there will be support for the OAuth 2.0 Token Exchange Grant (RFC 8693) in Spring Security 6.3, which is available for preview now in the latest milestone (6.3.0-M3) ...

Missing Authorization Check

djangorestframework_simplejwt is vulnerable to Missing Authorization Check. The vulnerability is due to the for_user() function which fails to check if a user is active before generation. Django' ...

Sharepoint Dynamic Proxy Generator Remote Command Execution

Sharepoint Dynamic Proxy Generator Remote Command Execution Exploit

This Metasploit module exploits two vulnerabilities in Sharepoint 2019 - an authentication bypass as noted in CVE-2023-29357 which was patched in June of 2023 and CVE-2023-24955 which was a remote com ...

GHSA-C8V6-786G-VJX6 vulnerabilities

Vulnerabilities for packages: ruby3.2-json-jwt, ...

CVE-2023-51774 vulnerabilities

Vulnerabilities for packages: ruby3.2-json-jwt, ...
