-
- [x] define scope and objectives of the project
-
We got a security vulnerability from our pentest team, “The application uses insecure encryption mode CBC with PKCS7 padding, an insecure and deprecated algorithm.” And it is related to com.nimbusds:n…
-
# 每日安全资讯(2023-06-07)
- 先知安全技术社区
- [ ] [udf自动化提权](https://xz.aliyun.com/t/12592)
- Security Boulevard
- [ ] [11 Ways ArmorCode Helps AppSec Teams](https://securityboulevard.com/2023/06/11-ways-arm…
-
Options:
- `--from` taking the appversion id
- `--filterset` taking a filter set by name or id (implement a `FilterSetHelper` class that allows for resolving filter set names and id's)
- Existing `…
-
### **Summary**
The method powmodhelper() in OpenSSL.php performs public key RSA encryption without OAEP padding, which makes the encryption weak.Public key RSA encryption is performed without using …
-
### **SUMMARY**
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) a…
-
# :rocket: Feature request
### Description
While testing some ideas for CTF I encountered this project. Great work!
Since we're trying to stay "up to date" with our standards and risk assessmen…
-
We are currently using Datadog Agent version 7.47.0, and we've identified 25 vulnerabilities in our environment using "docker scout cves" for scanning. Could you please assist us in addressing and rem…
-
Hello,
Roundcube Webmail 1.6.1's extension jqueryui 1.13.1 - jQuery UI - v1.13.1 is vulnerable to cross site scripting CVE-2022-31160
https://nvd.nist.gov/vuln/detail/CVE-2022-31160
https://…
-
**NGINX Ingress controller version**
-------------------------------------------------------------------------------
NGINX Ingress controller
Release: v1.1.1
Build: a17181e43ec8…