88 matches found
PT-2024-22615 · Gocd · Gocd
Name of the Vulnerable Software and Affected Versions: GoCD versions 19.4.0 through 23.5.0 Description: The issue is a reflected cross-site scripting vulnerability on the loading page displayed while GoCD is starting, via abuse of a redirect to query parameter with inadequate validation. Attacker...
CVE-2024-28238 Session Token in URL in directus
Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places e.g., web server logs, browser history. Attackers...
Jenkins Plugin GitLab Branch Source Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
CVE-2023-43990
An issue in cherub-hair mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
Jenkins Plugin Google Login Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
CVE-2023-30530
Jenkins Consul KV Builder Plugin 2.0.13 and earlier stores the HashiCorp Consul ACL Token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...
PT-2023-19303 · Vantage6 · Vantage6
Name of the Vulnerable Software and Affected Versions: vantage6 versions prior to 3.8.0 Description: The issue concerns the refresh token in vantage6, a privacy-preserving federated learning infrastructure, which is currently valid indefinitely. This is considered bad security practice. The refre...
CVE-2023-26032 ZoneMinder contains SQL injection via malicious Jason Web Token
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain SQL Injection via malicious jason web token. The Username field of the JWT token was trusted when performing an SQL...
PT-2023-19809 · Onedev · Onedev
Name of the Vulnerable Software and Affected Versions: Onedev versions prior to 7.9.12 Description: Onedev is a self-hosted Git Server with CI/CD and Kanban. The algorithm used to generate access token and password reset keys was not cryptographically secure in versions prior to 7.9.12. Existing...
USE SAFEERC20 (SAFEAPPROVE/SAFEMINT/SAFETRANSFERFROM) INSTEAD OF APPROVE/MINT/TRANSFER FROM
Lines of code Vulnerability details Impact The classic openzepplin implementation of the ERC20 standard ie. functions : Approve, Transfer, TransferFrom and mint does not capture the fact that some ERC20 token do not return a boolean value eg. BNB, USDT, OMG. As results, these functions won't work...
GHSA-RQG8-XJP2-PG9W LinOTP replay vulnerability with auto resynchronization enabled for TOTP token
LinOTP is prone to a replay attack with activated automatic resynchronization. This vulnerability may allow an attacker to successfully log in with OTP values recorded at a previous point in time. This attack is only possible if automatic resynchronization is enabled for the TOTP token type. The...
TokenHandler.setToken ERC20 missing return value check
Handle cmichel Vulnerability details Vulnerability Details The setToken function performs an ERC20.approve call but does not check the success return value. Some tokens do not revert if the approval failed but return false instead. Impact Tokens that don't actually perform the approve and return...
Code injection
Protectimus SLIM NFC 70 10.01 devices allow a Time Traveler attack in which attackers can predict TOTP passwords in certain situations. The time value used by the device can be set independently from the used seed value for generating time-based one-time passwords, without authentication. Thus, a...
CVE-2021-32638
CVE-2021-32638 concerns Github CodeQL runner/CodeQL Action used in non-GitHub CI environments, where a GitHub access token supplied via the --github-auth flag could be exposed to other processes through system output (e.g., ps). The issue is resolved by deprecating --github-auth and using secure ...
Intelbras Router RF 301K 跨站请求伪造漏洞
The Intelbras Router RF 301K is a router from Intelbras in China. A cross-site request forgery vulnerability exists in Intelbras Router RF 301K Firmware 1.1.2, which stems from the lack of a security mechanism to protect tokens and insecure inputs and modules...
GO-2020-0004 Authentication bypass in github.com/nanobox-io/golang-nanoauth
If any of the ListenAndServe functions are called with an empty token, token authentication is disabled globally for all listeners. Also, a minor timing side channel was present allowing attackers with very low latency and able to make many requests to potentially recover the token...
IBM Sterling File Gateway Sensitive Information Access Vulnerability
IBM Sterling File Gateway is a centralized management gateway product for file transfers from IBM USA. IBM Sterling File Gateway suffers from a sensitive information acquisition vulnerability that stems from a failure to set a security attribute on an authorization token or session cookie. An...
PT-2020-14623 · Gradle · Gradle Enterprise
Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions 2018.2 through 2020.2.4 Description: An issue was discovered where the CSRF prevention token is stored in a request cookie that is not annotated as HttpOnly. This allows an attacker with the ability to execute...
CVE-2019-4688
IBM Security Guardium Data Encryption GDE 3.0.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the...
IBM Security Identity Governance and Intelligence Information Disclosure Vulnerability (CNVD-2018-24624)
IBM Security Identity Governance and Intelligence IGI is a suite of identity management and governance solutions from IBM in the United States. The product includes features such as lifecycle management, access risk assessment and identity management. A security vulnerability exists in IBM Securi...