1894 matches found
WordPress plugin Royal Elementor Addons 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An information disclosure vulnerability...
Mantra - A Tool Used To Hunt Down API Key Leaks In JS Files And Pages
The tool in question was created in Go and its main objective is to search for API keys in JavaScript files and HTML pages. It works by checking the source code of web pages and script files for strings that are identical or similar to API keys. These keys are often used for authentication to...
JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident
JumpCloud, a provider of cloud-based identity and access management solutions, has swiftly reacted to an ongoing cybersecurity incident that impacted some of its clients. As part of its damage control efforts, JumpCloud has reset the application programming interface API keys of all customers...
Code injection
tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...
CVE-2023-36817 The King's Temple Church website Leaked Stripe API Key in Public Code Repository
tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...
CVE-2023-36817 The King's Temple Church website Leaked Stripe API Key in Public Code Repository
tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...
CVE-2023-36817 The King's Temple Church website Leaked Stripe API Key in Public Code Repository
tktchurch/website contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized...
CVE-2023-28387
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service...
Hardcoded credentials
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service...
CVE-2023-28387
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service...
CVE-2023-28387
The CVE-2023-28387 entry concerns the NewsPicks mobile apps for Android (versions 10.4.5 and earlier) and iOS (versions 10.4.2 and earlier) that hard‑code credentials, enabling a local attacker to access app data and potentially obtain an API key for an external service. Affected components are t...
CVE-2023-28387
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service...
PT-2023-21688 · Unknown · Newspicks App
Name of the Vulnerable Software and Affected Versions: NewsPicks App for Android versions 10.4.5 and earlier NewsPicks App for iOS versions 10.4.2 and earlier Description: The issue is related to hard-coded credentials in the NewsPicks App, which may allow a local attacker to analyze data in the...
CVE-2023-30993
IBM Cloud Pak for Security CP4S 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account. IBM X-Force ID: 254136...
CVE-2023-30993
IBM Cloud Pak for Security CP4S 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account. IBM X-Force ID: 254136...
CVE-2023-30993 IBM Cloud Pak for Security information disclosure
IBM Cloud Pak for Security CP4S 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account. IBM X-Force ID: 254136...
CVE-2023-30993 IBM Cloud Pak for Security information disclosure
IBM Cloud Pak for Security CP4S 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account. IBM X-Force ID: 254136...
PT-2023-23102 · Ibm · Ibm Cloud Pak For Security
Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Security CP4S versions 1.9.0.0 through 1.9.2.0 Description: The issue allows an attacker with a valid API key for one tenant to access data from another tenant's account. Recommendations: For versions 1.9.0.0 through 1.9.2.0...
Fedora 37 : chromium (2023-f4954af225)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-f4954af225 advisory. update to 114.0.5735.106. Fixes the following security issue: CVE-2023-3709 Tenable has extracted the preceding description block directly from the...
Fedora 38 : chromium (2023-6fe7ff3452)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6fe7ff3452 advisory. update to 114.0.5735.106. Fixes the following security issue: CVE-2023-3709 Tenable has extracted the preceding description block directly from the...