A flaw was found in Grafana, which validates Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique across Azure AD tenants, which enables Grafana account takeo ...
Continue Reading23 июня, 2023
Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication byp ...
Continue Reading22 июня, 2023
[![](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() _Losing sleep over Generative-AI apps? You're not alone or wrong. According ...
Continue Reading22 июня, 2023
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2578-1 advisory. - All versions of package trim ...
Continue Reading22 июня, 2023
The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2575-1 advisory. - All versions of pac ...
Continue Reading22 июня, 2023
## Summary Components with the following Known Vulnerabilities have been upgraded in IBM Security Verify Governance. ## Vulnerability Details ** CVEID: **[CVE-2021-22696]() ** DESCRIPTION: **Apache C ...
Continue Reading21 июня, 2023
[![Microsoft Azure AD OAuth](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() A security shortcoming in Microsoft Azure Active Dir ...
Continue Reading21 июня, 2023
doorkeeper is vulnerable to Improper Authentication. The vulnerability exists because user authentication is automatically processed without consent of the user if the authentication token matches, wh ...
Continue Reading21 июня, 2023
Back to Main