CVE-2021-22696

CXF supports (via JwtRequestCodeFilter) passing OAuth 2 parameters via a JWT token as opposed to query parameters (see: The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR)). ...

Exploit for Unrestricted Upload of File with Dangerous Type in Wso2 Api Manager

# Better CVE-2022-29464 Certain WSO2 products allow unrestricte...

Microweber CMS 1.2.15 – Account Takeover Vulnerability

Denial of service in Spring Security OAuth

Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 C ...

Microweber CMS 1.2.15 – Account Takeover

(RHSA-2022:4880) Moderate: ACS 3.70 enhancement and security update

New features and enhancements 1. Verifying image signatures against Cosign public keys: You can use RHACS to ensure the integrity of the container images in your clusters by verifying image signatures ...

CVE-2022-30190

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.

CVE-2022-30128

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30127.
