In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosu ...
Continue Reading
15 августа, 2023
[]() ## Why SaaS Security Is a Challenge In ...
Continue Reading
14 августа, 2023
gitlab is vulnerable to Cross-Site Leak. The vulnerability exists in the OAuth flow, allowing an attacker to leak an OAuth access token by getting the victim to visit a malicious page with SafariRead ...
Continue Reading
12 августа, 2023
gitlab is vulnerable to Authorization Bypasses. This vulnerability occurs due to a flaw in the way that GitLab handles OAuth subscriptions. An attacker can exploit this vulnerability to generate OAuth ...
Continue Reading
12 августа, 2023
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. Security Fix(es): * envoy: Clie ...
Continue Reading
11 августа, 2023
sentry is vulnerable to Authentication Bypass. The vulnerability exists due to the lack of a OIDC signing token inside the authentication mechanism which allows an attacker with sufficient client-side ...
Continue Reading
11 августа, 2023
[]() Attackers continue to target Microsoft ...
Continue Reading
10 августа, 2023
### Impact An attacker with sufficient client-side exploits could retrieve a valid access token for another user during the OAuth token exchange due to incorrect credential validation. The client ID m ...
Continue Reading
09 августа, 2023
Back to Main
