9 matches found
EUVD-2023-55486
Malicious code in bioql PyPI...
CVE-2023-50713
Speckle Server provides server, frontend, 3D viewer, and other JavaScript utilities for the Speckle 3D data platform. A vulnerability in versions prior to 2.17.6 affects users who: authorized an application which requested a 'token write' scope or, using frontend-2, created a Personal Access Toke...
Fast and Robust Speckle Pattern Authentication by Scale Invariant Feature Transform Algorithm in Physical Unclonable Functions
Nowadays, due to the growing phenomenon of forgery in many fields, the interest in developing new anti-counterfeiting device and cryptography keys, based on the Physical Unclonable Functions PUFs paradigm, is widely increased. PUFs are physical hardware with an intrinsic, irreproducible disorder...
CVE-2023-50713
Speckle Server provides server, frontend, 3D viewer, and other JavaScript utilities for the Speckle 3D data platform. A vulnerability in versions prior to 2.17.6 affects users who: authorized an application which requested a 'token write' scope or, using frontend-2, created a Personal Access Toke...
Code injection
Speckle Server provides server, frontend, 3D viewer, and other JavaScript utilities for the Speckle 3D data platform. A vulnerability in versions prior to 2.17.6 affects users who: authorized an application which requested a 'token write' scope or, using frontend-2, created a Personal Access Toke...
CVE-2023-50713 Speckle Server API Token Privilege Escalation
Speckle Server provides server, frontend, 3D viewer, and other JavaScript utilities for the Speckle 3D data platform. A vulnerability in versions prior to 2.17.6 affects users who: authorized an application which requested a 'token write' scope or, using frontend-2, created a Personal Access Toke...
CVE-2023-50713
CVE-2023-50713 – Speckle Server Token Privilege Escalation : Affects Speckle Server versions prior to 2.17.6. When creating a new token (via app with token write scope or frontend-2), the requesting token must authorize the new token, but the service did not verify that the new token’s privileges...
CVE-2023-50713 Speckle Server API Token Privilege Escalation
Speckle Server provides server, frontend, 3D viewer, and other JavaScript utilities for the Speckle 3D data platform. A vulnerability in versions prior to 2.17.6 affects users who: authorized an application which requested a 'token write' scope or, using frontend-2, created a Personal Access Toke...
Speckle Security Breach
Speckle is an open source digital infrastructure from Speckle, Inc. A security vulnerability exists in Speckle Server versions prior to 2.17.6 that stems from Speckle Server not verifying that additional permissions granted to a new token exceed the permissions of the requesting token, which coul...