In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosu ...
Continue Reading 15 August 2023
## Why SaaS Security Is a Challenge In ...
Continue Reading 14 August 2023
GitLab is vulnerable to Cross-Site Leak. The vulnerability exists in the OAuth flow, allowing an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safari Read ...
Continue Reading 12 August 2023
GitLab is vulnerable to Authorization Bypasses. This vulnerability occurs due to a flaw in the way that GitLab handles OAuth subscriptions. An attacker can exploit this vulnerability to generate OAuth ...
Continue Reading 12 August 2023
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. Security Fix(es): * envoy: Clie ...
Continue Reading 11 August 2023
Sentry is vulnerable to Authentication Bypass. The vulnerability exists due to the lack of an OIDC signing token inside the authentication mechanism which allows an attacker with sufficient client-side ...
Continue Reading 11 August 2023
Attackers continue to target Microsoft ...
Continue Reading 10 August 2023
### Impact An attacker with sufficient client-side exploits could retrieve a valid access token for another user during the OAuth token exchange due to incorrect credential validation. The client ID m ...
Continue Reading 09 August 2023