-
- The software page shows vulnerabilities
- Vulnerabilities from Apple applications are shown (like Safari), which update with the OS itself
- There are also vulnerabilities shown for applications …
-
# RCE vulnerability in Subrion CMS 4.2.1
Affected version
- Subrion CMS 4.2.1
Source code: https://subrion.org/download/
Exploiting vulnerabilities:
1. Login address:
~~~
http://127.…
~~~
-
Create a security recommendation/hardening guide for applications that use the Kubernetes client. This could include different use-cases like:
1. Creating an application which runs `kubectl` comman…
-
Invicti Enterprise detected a missing X-Content-Type-Options header which means that this website could be at risk of MIME-sniffing attacks.
Remedy:
Add the X-Content-Type-Options header with a va…
-
1. Vulnerability affects product: onekeyadmin
2. Vulnerability affects version 1.3.9
3. Vulnerability type: storage XSS vulnerability (Cross-site scripting)
4. Vulnerability Details:
url
http://1…
-
Hi,
`git-rev-sync` has a dependency on `shelljs` package version 0.8.4.
Snyk has identified this vulnerability: https://security.snyk.io/vuln/SNYK-JS-SHELLJS-2332187 and the fix is now available …
-
Based on user feedback, we're missing some fields in our ECS vulnerability fields and suggest the following additions.
- **Mitigations and Solutions**
- This is a free-text field that explain…
-
### Improper Privilege Management Vulnerability
**Description:**
I recently came across a Dependabot alert on GitHub regarding an improper privilege management vulnerability in `djangorestframewor…
-
**Github username:** @olaoyesalem
**Twitter username:** salthegeek1
**Submission hash (on-chain):** 0x06cb50e8b225f95a4fb970af72e465348e897fe64bd972a364f96c0fa3c7a41c
**Severity:** high
**Descriptio…
-
# Summary
> FastAdmin is a PHP backend development framework that is open-source under the Apache 2.0 license. It is designed for rapid development of backend systems, featuring a permission manageme…