Leaving Authentication Credentials in Public Code

Interesting article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm Gi ...

Continue Reading
RHEL 8 : grafana (RHSA-2023:6972)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6972 advisory. Grafana is validating Azure AD accounts based on th ...

Continue Reading
grafana security and enhancement update

[9.2.10-7] - resolve RHEL-12649 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch [9.2.1 ...

Continue Reading
Threat Roundup for November 3 to November 10

![Threat Roundup for November 3 to November 10](https://blog.talosintelligence.com/content/images/2023/11/threat-roundup-1.jpg) Today, Talos is publishing a glimpse into the most prevalent threats we' ...

Continue Reading
ownCloud vulnerability can be used to extract admin passwords

ownCloud has warned users about three critical security flaws in its file-sharing software which, if exploited, could reveal sensitive information and modify files. An especially and potentially impac ...

Continue Reading
Fedora 39 : python-oauthlib (2023-da094276a2)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-da094276a2 advisory. OAuthLib is an implementation of the OAuth request-signing ...

Continue Reading
BIT-gitlab-2020-13292

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.Read More ...

Continue Reading
(RHSA-2023:6365) Moderate: mod_auth_openidc security and bug fix update

The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...

Continue Reading

Back to Main

Subscribe for the latest news: