-
**Vulnerabilities**
DepShield reports that this application's usage of [lodash.debounce:4.0.8](https://ossindex.sonatype.org/component/pkg:npm/lodash.debounce@4.0.8) results in the following vulnerab…
-
## Affected Puppet, Ruby, OS and module versions/distributions
- Puppet: 4.8.1
- Ruby: ruby 2.1.9p490
- Distribution: CentOS7
- Module version: 2.6.1
I've created zabbix proxy with such h…
-
spin-off from https://github.com/OWASP/ASVS/issues/1916 "Discussion/Proposal 1"
The [summary](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-browser-based-apps#section-6.3.3.3) for browser …
-
Support the name and version identification of the third-party jar package of Java programs, such as fastjson.jar
Fastjson < 1.2.67 deserialization Remote Code Execution Vulnerability
Traverse t…
-
### Pitch
Version number information from lib/mastodon/version.rb is currently displayed to web site visitors, and via the API. I'd rather not advertise the version number of Mastodon that I'm runn…
-
https://github.com/mozilla/positron/blob/master/positron/electron/lib/browser/rpc-server.js#L46 checks if a prototype object is strictly equal to _Object.prototype_, i.e. `proto === Object.prototype`.…
-
### Environment
* **Version**: Version: 2.5.4
* **Installation**: git clone
* **PHP version**:
* **OS**: Debian stable
* **Database**: MariaDB
* **Parameters**: unavailable (hosted by a frie…
-
So I think a security vulnerability would be if a malicious website sent a request to localhost:port, as flask-desktop is connected to python that has a higher amount of user access(such as modifying …
-
```
We're running on 64-bit Ubuntu with the following versions installed (as part
of the script):
eventlog_0.2.12.tar.gz
syslog-ng_3.2.2.tar.gz
elsa-0.1.1.tar.gz
We're trying to write a new parser…
-
I'm using ubutu 20, nodejs 8.17. After installing the dependencies I install the stf globally by 'npm install -g @devicefarmer/stf', then I can run stf successfully and connect one device.
Here is …