![]() ![]() □ CVE-2023-51656Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4.Users are recommended to upgrade to version 1.2.2, which fixes the 18:07:25 NOTE: The vendor was contacted early about this disclosure but did not respond in any 18:07:26 VDB-248578 is the identifier assigned to this vulnerability. ![]() The exploit has been disclosed to the public and may be used. The manipulation leads to improper access controls. This vulnerability affects the function init_kcm of the component DBus Handler. □ CVE-2023-7025A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized access to an existing OAuth 18:37:24 □ CVE-2023-2585Keycloak's device authorization grant does not correctly validate the device code and client ID.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |