mTLS: When certificate authentication is done wrong
Although [X.509]() certificates have been here for a while, they have become more popular for client authentication in zero-trust networks in recent years. Mutual TLS, or authentication based on X.509 ...
Continue Reading
August 18, 2023
mTLS: When certificate authentication is done wrong
Although [X.509]() certificates have been here for a while, they have become more popular for client authentication in zero-trust networks in recent years. Mutual TLS, or authentication based on X.509 ...
Continue Reading
August 18, 2023
mTLS: When certificate authentication is done wrong
Although [X.509]() certificates have been here for a while, they have become more popular for client authentication in zero-trust networks in recent years. Mutual TLS, or authentication based on X.509 ...
Continue Reading
August 18, 2023
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to permissions bypass, privilege escalation, key generation failure, denial of service and request smuggling due to vulnerabilities in Node.js
## Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to permissions bypass, privilege escalation, key generation failure, denial of service and request s ...
Continue Reading
August 18, 2023
[SECURITY] Fedora 37 Update: opensc-0.23.0-5.fc37
OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as ...
Continue Reading
August 18, 2023
[SECURITY] Fedora 38 Update: opensc-0.23.0-5.fc38
OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as ...
Continue Reading
August 18, 2023
[SECURITY] Fedora 37 Update: python-aiohttp-3.8.5-1.fc37
Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webserve rs with middlewares and pluggable routing.Read ...
Continue Reading
August 18, 2023
CVE-2023-34412
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker to store an arbitrary JavaScript payload ...
Continue Reading
August 17, 2023
CVE-2023-3958
The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the 'notify_ping_remote' AJAX function in versions up to, and including, 1.2.12. This can allow authentic ...
Continue Reading
August 16, 2023
CVE-2023-3958
The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the 'notify_ping_remote' AJAX function in versions up to, and including, 1.2.12. This can allow authentic ...
Continue Reading
August 16, 2023
