-Español--Administración-
  • Proyectos Projects of reverse engineering, biometrics, web security, cryptanalysis...
  • Ubicación Cryptology Laboratory - School of Computer Science - Campus de Montegancedo
Vulnerabilities
July 29, 2019
invenio-previewer before 1.0.0a12 allows XSS.
4.3[+]
July 29, 2019
Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via an email link.
7.5[+]
July 29, 2019
Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmation screen when logging in via a user-api OTP.
5.0[+]
July 29, 2019
ASH-AIO before 2.0.0.3 allows an open redirect.
5.8[+]
July 29, 2019
graphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishandles the audience check while verifying JWT.
5.0[+]
July 29, 2019
docker-credential-helpers before 0.6.3 has a double free in the List functions.
2.1[+]
July 29, 2019
parse-server before 3.6.0 allows account enumeration.
5.0[+]
July 29, 2019
parse-server before 3.4.1 allows DoS after any POST to a volatile class.
5.0[+]
July 29, 2019
SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without server operator authority.
6.5[+]
July 29, 2019
Misskey before 10.102.4 allows hijacking a user's token.
4.3[+]
View all
Latest news
    Conexion fallida