Rocky Linux 9 : grafana (RLSA-2022:5716)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5716 advisory. Grafana is an open-source platform for monitoring and observabi ...

Continue Reading
Description of the security update for Microsoft Exchange Server 2019 and 2016: November 14, 2023 (KB5032146)

None Notice For Microsoft Exchange Server 2016 installations, see also KB 5032147 for additional information about issues that are fixed in this security update. This security update rollup resolve ...

Continue Reading
RHEL 8 : grafana (RHSA-2023:6972)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6972 advisory. Grafana is validating Azure AD accounts based on th ...

Continue Reading
Apigee API Security policies howto

## The Genesis of Apigee API Security Guidelines In today's digital epoch, [APIs (Application Programming Interfaces)]( "APIs (Application Programming Interfaces)" ) have ascended to be the fundamenta ...

Continue Reading
Improper Authorization

next-auth is vulnerable to Improper Authorization. A malicious actor could create an empty/mock user by getting hold of a NextAuth.js-issued JWT from an interrupted OAuth sign-in flow (state, PKCE or ...

Continue Reading
Authentication Bypass

authentik is vulnerable to authentication bypass due to an insufficient PKCE check. The vulnerability is caused by code_verifier step during the OAUTH initialisation flow. Authentik improperly accepts ...

Continue Reading
Moderate: grafana security and enhancement update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): grafana: account takeover possible when using Azure AD OAuth ( ...

Continue Reading
Moderate: mod_auth_openidc:2.3 security and bug fix update

The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...

Continue Reading

Back to Main

Subscribe for the latest news: