Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 C ...
Continue Reading30 мая, 2022
Found **https://suncoast-auth[.]dns05.com/auth.php?oauth** in [...Read More ...
Continue Reading30 мая, 2022
We have released Spring Security OAuth 2.5.2 to address the following CVE report. * [CVE-2022-22969: Denial-of-Service (DoS) in spring-security-oauth2]() This vulnerability exposes OAuth 2.0 Client ...
Continue Reading30 мая, 2022
According to its self-reported version, the instance of GitLab running on the remote web server is 7.7.x prior to 14.4.5, 14.5.0 prior to 14.5.3, or 14.6.0 prior to 14.6.2. It is, therefore, affected ...
Continue Reading30 мая, 2022
[![GitHub](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjxX2jD8VVilJjQZkcsQwvoW0ZvAYbtJTCbmXDltSql9D4lPJW4bUlaSg9BnGka9yPYv829y-vn5ks9eFbNR9NaZd9WiHUEDQLsczRpWMDIz2fOCNxh-f8tAD_BfMy2zIiFu ...
Continue Reading30 мая, 2022
This module exploits CVE-2022-22954, an unauthenticated server-side template injection (SSTI) in VMware Workspace ONE Access, to execute shell commands as the "horizon" user.Read More ...
Continue Reading30 мая, 2022
![Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954](https://blog.rapid7.com/content/images/2022/04/vmware-one-etr.jpg) On April 6, 2022, VMware published [VMSA-2022-0011](), which ...
Continue Reading30 мая, 2022
GitHub revealed details tied to last weeks incident where hackers, using stolen OAuth tokens, downloaded data from private repositories. We do not believe the attacker obtained these tokens via a ...
Continue Reading30 мая, 2022
Back to Main