A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if…

A flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously…

The Web Server component of TIBCO Software Inc.’s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access…

Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 – 3.5.5, 3.7.0 – 3.7.2, and older unsupported versions,…

The Web Server component of TIBCO Software Inc.’s TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to…

Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute in GitHub repository ikus060/minarca prior to 4.2.2. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…

Rapid7 InsightVM suffers from an information exposure issue whereby, when the user’s session has ended due to inactivity, an attacker can use the Inspect Element…

The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in…

If an attacker can control a script that is executed in the victim’s browser, then they can typically fully compromise that user. Amongst other things,…