Synopsys Coverity Connect 跨站脚本漏洞

Synopsys Coverity Connect is a Web-based platform from Synopsys. It consists primarily of static code analysis and dynamic code analysis tools. A cross-site scripting vulnerability exists in Synopsys Coverity Connect versions prior to 2022.12.0. An attacker could exploit this vulnerability to...

CVE-2022-23555

authentik is an open-source Identity Provider focused on flexibility and versatility. Versions prior to 2022.11.4 and 2022.10.4 are vulnerable to Improper Authentication. Token reuse in invitation URLs leads to access control bypass via the use of a different enrollment flow than in the one...