-
CWE 123
CWE_123
CWe: 123
OWASP Top 10 A1
sql injection
xss
ssrf
-
Hi, thanks for writing and sharing this tool.
It is very interesting engineering. I particularly love that it uses existing mechanisms, such as LD_PRELOAD and flatpak sandboxing. What I am about to …
-
Depends on better authentication and authorization - #1901
Production suite operators sometimes need to change certain job parameters on the fly before re-running a task, but letting them edit the…
-
### Describe the solution you'd like
Because of certain common security concerns in the CCU/OCCU ecosystem and especially due to the point that users still unfortunately tend to make a CCU availabl…
-
@patwater via NYC Big Apps competition. They already have a prototype up and running on https://www.powerchain.nyc
via https://www.perpetualny.com/blog/building-perpetual-power-chain-from-idea-to-t…
vr00n updated
4 years ago
-
# Documentation
I recently needed to generate some cryptographic key material. As far as I can tell, `secrets.token_bytes()` is the recommended way of doing this, and cpython's concrete implementat…
-
Security Testing focal points
1). While analyzing some part of the business logic, we found that an adversary could add a duplicate record of a teacher with the same mail id and name using an admin acc…
-
This is an issue that has been brought up before team requirement lifted up.
Here is a thread for that [[Discussion] 4th Generation BOINC credit system](https://boinc.berkeley.edu/forum_thread.php?i…
-
Given: A MultisigWallet with three Owners: Alice, Bob and Mallory. The wallet is configured to require two confirmations.
Alice and Bob want to change the Daily Limit to 1 ETC, which should be poss…
-
# Feature Request
About audited Directus version.
It has been cloned from suite repo.
Latest commit https://github.com/directus/directus/commit/1d151a9034514e3f2ec1c80001e7c5fffdef2d4e
## Des…