php-jwt 1.0.0 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side...
February 08, 2024
Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and ...
February 08, 2024
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0712 advisory. All versions of Apache Santuario - XML Se ...
February 08, 2024
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0711 advisory. All versions of Apache Santuario - XML Se ...
February 08, 2024
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0710 advisory. All versions of Apache Santuario - XML Se ...
February 08, 2024
Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The Home > Preference page exposes a list of s ...
February 07, 2024
Open edX Platform is a service-oriented platform for authoring and delivering online learning. A user with a JWT and more limited scopes could call endpoints exceeding their access. This vulnerability ...
February 07, 2024
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.15 serve ...
February 06, 2024