9 matches found

Github Security Blog
added 2026/03/20 8:55 p.m. | 4 views

Ory Keto has a SQL injection via forged pagination tokens

Description The GetRelationships API in Ory Keto is vulnerable to SQL injection due to flaws in its pagination implementation. Pagination tokens are encrypted using the secret configured in secrets.pagination. An attacker who knows this secret can craft their own tokens, including malicious token...

7.2 CVSS | 6.2 AI score | 0.00022 EPSS
Exploits 0 | References 3 | Affected Software 1
RedhatCVE
added 2025/05/22 4:27 a.m. | 5 views

CVE-2019-13352

WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote...

10 CVSS | 7.4 AI score | 0.00852 EPSS
Exploits 1 | References 1
The Hacker News
added 2024/06/03 10:20 a.m. | 13 views

Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions

Now-patched authorization bypass issues impacting Cox modems could have been abused as a starting point to gain unauthorized access to the devices and run malicious commands. "This series of vulnerabilities demonstrated a way in which a fully external attacker with no prerequisites could've...

8.1 AI score
Exploits 0
Tenable Nessus
added 2021/11/18 12:00 a.m. | 103 views

Palo Alto Networks PAN-OS 8.1.x < 8.1.0 / 9.0.x < 9.0.0 / 9.1.x < 9.1.0 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.0 or 9.0.x prior to 9.0.0 or 9.1.x prior to 9.1.0. It is, therefore, affected by a vulnerability. - In versions of Palo Alto Networks PAN-OS software earlier than PAN-OS 10.0, the DHE cipher available for us...

4.3 CVSS | 6.4 AI score | 0.01042 EPSS
Exploits 0 | References 5
NVD
added 2019/07/05 8:15 p.m. | 9 views

CVE-2019-13352

WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote...

10 CVSS | 9.7 AI score | 0.00852 EPSS
Exploits 1 | References 3
OSV
added 2019/07/05 8:15 p.m. | 2 views

CVE-2019-13352

WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN password and thus gain remote...

9.8 CVSS | 7.4 AI score
Exploits 0 | References 3
CVE
added 2019/07/05 7:33 p.m. | 340 views

CVE-2019-13352

CVE-2019-13352 affects WolfVision Cynap prior to version 1.30j. The vulnerability arises from a static, hard-coded cryptographic secret used to generate support PINs for the forgotten-password feature, enabling an attacker who knows the secret and the calculation method to reset the ADMIN passwor...

10 CVSS | 9.6 AI score | 0.00852 EPSS
Exploits 1 | References 3 | Affected Software 1
exploitpack
added 2016/03/15 12:00 a.m. | 13 views

Kaltura Community Edition 11.1.0-2 - Multiple Vulnerabilities

Kaltura Community Edition Multiple Vulnerabilities. Affected versions: Kaltura Community...

0.3 AI score
Exploits 0
Exploit DB
added 2016/03/15 12:00 a.m. | 18 views

Kaltura Community Edition < 11.1.0-2 - Multiple Vulnerabilities

Kaltura Community Edition Multiple Vulnerabilities. Affected versions: Kaltura Community Edition =11.1.0-2 PDF:...

7.4 AI score
Exploits 0