-
Since the last update about two weeks ago I have been unable to identify which save is which in NMSSE. The save selection shows nothing useful. Timestamp, location, nothing. I have avoided using NMSSE…
-
Support the name and version identification of the third-party jar package of Java programs, such as fastjson.jar
Fastjson < 1.2.67 deserialization Remote Code Execution Vulnerability
Traverse t…
-
### Summary:
Thank you for designing the F-Curator Desktop Application and making it open source and available. The application adds an event listener that prevents opening new windows, the sanitizat…
-
# Microsoft Security Advisory CVE-2018-0787: ASP.NET Core Elevation Of Privilege Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a v…
-
# Microsoft Security Advisory CVE-2023-44487: .NET Denial of Service Vulnerability
## Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerabilit…
-
Vulnerable Library - spring-boot-starter-web-3.1.2.jar
Path to dependency file: /server/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframe…
-
**Is your feature request related to a problem? Please describe.**
The app i'm working on at the minute is undergoing a security audit. The auditors noticed a GET request adding a JWT token to the qu…
-
Similarly to some providers like youtube or plex, setting up a new client could:
1. ask for the server url
2. display a pin like `9F3L`
3. allow user to enter the PIN straight from any other logged…
-
Package version (if known): v1.2.7 & current (2022-02-16) [InvenioRDM demo](https://inveniordm.web.cern.ch/) install
## Describe the bug
Posting to the REST api (e.g. https://inveniordm.web.cern.…
-
Some of our AWS examples assume you have a default VPC, and break if you do not. It is often common security practice to delete an account's default VPC upon creation to avoid accidental ingress/egres…