-
Greetings,
I am a security researcher who is looking for security smells in Puppet scripts.
I noticed instances of hard-coded passwords, which are against the best practices
recommended by Commo…
-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Platform
all
### App version
any
### Feature
It would also be nice if there were timing mitigations so tha…
-
From the Status report page (https://www.pidramble.com/admin/reports/status):
> **Not enabled**
> The `trusted_host_patterns` setting is not configured in `settings.php`. This can lead to security…
-
> The attacks leverage unprotected resources for a denial-of-service by filling the disk and exhausting the CPU with unnecessary header and block data. This forces the node to halt operation. The at…
-
I just found this research about attacks on the rendering and status indication of signed mails in several MUAs: https://github.com/RUB-NDS/Johnny-You-Are-Fired
We should check if alot is affected.
-
**App and Neo4j sandbox are in running condition**
_npm run seedDb_ causes the following error on WSL:
```
Error: Error: GraphQL error: Failed to connect to server. Please ensure that your database is li…
```
-
@pmj642 Hey man, I found your repo while searching for a final project of a university subject. We need to find free software projects which have some kind of security vulnerability, fix it and patch …
-
As mentioned in #373, session authentication is working in djoser.
I would like to advocate to keep session authentication working after the code refactoring announced by @dekoza in #373.
While…
-
A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page conte…
-
Hi,
I have to do a security compliance audit on the liberator to get it accepted for use in the company I work for right now. What does liberator comply with or offer as a default sane protection…