CVE-2024-36368

In JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was...Read More ...

Continue Reading
CVE-2024-36370

In JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was...Read More ...

Continue Reading
CVE-2024-36368

In JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was...Read More ...

Continue Reading
CVE-2024-36370

In JetBrains TeamCity before 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via OAuth connection settings was...Read More ...

Continue Reading
FreeBSD : QtNetworkAuth — predictable seeding of PRNG in QAbstractOAuth (f5fa174d-19de-11ef-83d8-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f5fa174d-19de-11ef-83d8-4ccc6adda413 advisory. Andy S ...

Continue Reading
QtNetworkAuth — predicatable seeding of PRNG in QAbstractOAuth

Andy Shaw reports: The OAuth1 implementation in QtNetworkAuth created nonces using a PRNG that was seeded with a predictable seed. This means that an attacker that can somehow control the time ...

Continue Reading
Cross-site Request Forgery (CSRF)

Sensiolabs/connect is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the absence of a state parameter in OAuth requests, which exposes applications to CSRF attacks during ...

Continue Reading
Security advisory: OAuth1 in QtNetworkAuth

The OAuth1 implementation in QtNetworkAuth created nonces using a PRNG that was seeded with a predictable seed. This issue has been assigned the CVE id CVE-2024-36048. This means that an attacker that ...

Continue Reading

Back to Main

Subscribe for the latest news: