The plugin does not have authorisation and CSRF when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they controls, allowing th ...
Continue Reading12 сентября, 2022
OAuthLib is an implementation of the OAuth request-signing logic for P ...Read More ...
Continue Reading10 сентября, 2022
OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing malicious redirect uri can cause denial of service. An a ...
Continue Reading09 сентября, 2022
## Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server, IBM WebSphere Application Server Hypervisor, WebSphere Application Server Liberty Profile and IBM ...
Continue Reading07 сентября, 2022
## Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 8.5.5.5, IBM WebSphere Application Server Hypervisor 8.5.5.5 and IBM HTTP Server 8.5.5.5 ## Vulne ...
Continue Reading07 сентября, 2022
* [CVE-2020-26237]() Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can b ...
Continue Reading06 сентября, 2022
Microsoft has posted a [reminder]() on the Exchange Team blog that Basic authentication for Exchange Online will be disabled in less than a month, on October 1, 2022. The first announcement of the cha ...
Continue Reading05 сентября, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue Reading05 сентября, 2022
Back to Main