SimpleSAMLphp exposes credentials in session storage

Background In order to implement support for the SAML Enhanced Client or Proxy profile, the credentials obtained for authentication were stored in the state in order to pass them to the relevant routi ...

fence-agents security and bug fix update

[4.2.1-129] - bundled urllib3: fix CVE-2023-45803 Resolves: RHEL-18132 - bundled pycryptodome: fix CVE-2023-52323 Resolves: RHEL-20915 - bundled jinja2: fix CVE-2024-22195 Resolves: RHEL-22174 [ ...

Security Bulletin: IBM Tivoli Application Dependency Discovery Manager is vulnerable to server-side request forgery due to Apache CXF

Summary This security bulletin addresses the vulnerability in Open Source Apache CXF that affects IBM Tivoli Application Dependency Discovery Manager (CVE-2024-28752). IBM Tivoli Application Dependenc ...

CVE-2024-5291

D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations ...

CVE-2024-5291 D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability

D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations ...

RHEL 8 : fence-agents (RHSA-2024:2968)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2968 advisory. The fence-agents packages provide a collect ...
