This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading23 июня, 2022
### Impact We found that this vulnerability is present when the developer is implementing an OAuth 1 provider (by extension, it means Twitter, which is the only built-in provider using OAuth 1), but * ...
Continue Reading23 июня, 2022
NextAuth.js (next-auth) is am open source authentication solution for Next.js applications. Prior to versions 3.29.3 and 4.3.3, an open redirect vulnerability is present when the developer is implemen ...
Continue Reading23 июня, 2022
# Description The application allows the usage of third-parties to store the files, such as Google Drive, Github, Gitlab, etc. It's possible to bypass the protection of the `redirect` parameter and re ...
Continue Reading23 июня, 2022
Researchers are warning attackers can abuse Microsoft Office 365 functionality to target files stored on SharePoint and OneDrive in ransomware attacks. Those files, stored via auto-save and backed ...
Continue Reading21 июня, 2022
The nestjs-proxy library did not have a way to control when Authorization headers should should be forwarded for specific backend services configured by the application developer. This could have resu ...
Continue Reading17 июня, 2022
The nestjs-proxy library did not have a way to control when Authorization headers should should be forwarded for specific backend services configured by the application developer. This could have resu ...
Continue Reading17 июня, 2022
This release of Red Hat Fuse 7.10.2.P1 serves as a replacement for Red Hat Fuse 7.10 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the Reference ...
Continue Reading17 июня, 2022
Back to Main