-
# PHAR deserialization allowing remote code execution
## Description
`Gregwar\Image` is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fi…
-
Bandit shows in the logs that its node version is deprecated:
Actual version -> Node 12
Needed version -> Node 16
@cools9 I think you need to update the node version
-
There are CORS headers that allow any Origin to make a request to dagu
https://github.com/dagu-org/dagu/blob/e66978da753838e48dded8431c0e97002b621dfa/internal/frontend/middleware/global.go#L122-L13…
-
**Describe the bug**
Lack of size checks on blobs or topology state.
E.g.
- `comp_dev_get_first_data_*` missing nullity checks
- `comp_get_data_blob` not checking the size params
- Not checking …
-
# Microsoft Security Advisory CVE-2024-43498 | .NET Remote Code Execution Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerabilit…
-
### Describe the issue
I have about had it with this piece of junk "authenticator." It doesn't respond to prompts when I get a request from Facebook to add a security code to login
![Facebook Google…
-
While it correctly asks for the security code, the security code is never sent, so I can't log in.
Using WSL with the default Ubuntu distro:
```
x@x:~/lgogdownloader-3.12/build$ lgogdownloader --…
-
I have voluntarily reviewed the files that could potentially contain backdoors or security issues.
https://github.com/scramblr/1password/pull/1
My methodology was to compare my own local 1password…
Alino updated
3 months ago
-
Hi, openscanhub code security scanner reports a number of Missing Initialization and Resource Leaks in the qatlib code. They can be low-impact, but still I would like to share security scanner findi…
-
## Summary
Currently sourcerer code & tests are huge and should be divided into modular pieces. [This PR](https://github.com/elastic/kibana/pull/168230) divides some tests but it is still not cl…