Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2019-10199: 1729261 – (CVE-2019-10199) CVE-2019-10199 keycloak: CSRF check missing in My Resources functionality in the Account Console

It was found that Keycloak’s account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain.

CVE
#csrf

Related news

CVE-2015-5278: [SECURITY] Fedora 23 Update: xen-4.5.1-9.fc23

The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907