-
## CVE-2013-0248 - Medium Severity Vulnerability
Vulnerable Library - commons-fileupload-1.2.jar
The FileUpload component provides a simple yet flexible means of adding support for multipart
fil…
-
Suggested by Davide, apparently FiveM uses this too.
First do a TCP handshake ~(on the same port number)~ with the server, then connect over UDP.
> If you implement the TCP port "punching" and y…
def- updated
2 months ago
-
I am very well aware of the efforts taken in #12, however, I do not agree with the implementation.
PKCEs are a way for SPAs to authenticate securely. They are protected by `redirect_uri`s and use S…
-
Vulnerable Library - react-scripts-5.0.1.tgz
Path to dependency file: /client/package.json
Path to vulnerable library: /client/node_modules/cross-spawn/package.json
Found in HEAD commit: 73928da…
-
## CVE-2024-43796 - Medium Severity Vulnerability
Vulnerable Library - express-4.17.1.tgz
Fast, unopinionated, minimalist web framework
Library home page: https://registry.npmjs.org/express/-/expres…
-
LZ_security
High
# InsertBulkReputerPayload can be DoS
## Summary
After discovering the `InsertBulkReputerPayload` transaction, the attacker initiates the same call to reduce the number of `Value…
-
## CVE-2019-10639 - High Severity Vulnerability
Vulnerable Libraries - linuxlinux-4.1.18, linuxlinux-4.1.18
Vulnerability Details
The Linux kernel 4.x (starting from 4.1) and 5.x before …
-
### Description
### Overview
Upon user login to the Reduced.to platform, an access_token is generated and stored as an HttpOnly cookie. However, the access_token lacks signature verification, enabli…
-
## CVE-2022-24736 - Low Severity Vulnerability
Vulnerable Libraries - redis6.2.6, redis6.2.6, redis6.2.6, redis6.2.6, redis6.2.6
Vulnerability Details
Redis is an in-memory database that…
-
The documentation for the Meshcentral Design Architecture mentions a possible attack regarding cloning a Meshcentral agent:
"A possible attack would occur if someone were to be able to access the a…