GHSA-95v9-hv42-pwrj: gnark is vulnerable to signature malleability in EdDSA and ECDSA due to missing scalar checks

GHSA-fvqv-593q-qp8r: Liferay Portal Reflected Cross-Site Scripting Vulnerability via PortalUtil.escapeRedirect

GHSA-xwc5-q44v-p6gg: Liferay Portal User Enumeration Vulnerability via the Create Account Page

GHSA-655h-hg88-5qmf: Rust XCB `xcb::Connection::connect_to_fd*` functions violate I/O safety

GHSA-vv6j-3g6g-2pvj: Picklescan missing detection when calling pytorch function torch.utils._config_module.load_config

It has been discovered that login failures have been logged on the default stream with log level "warning" including plain-text user credentials.

**Typo3 Information Disclosure in User Authentication**

Moderate severity GitHub Reviewed Published Jun 5, 2024 to the GitHub Advisory Database • Updated Jun 5, 2024

Headline

GHSA-m96r-7vqm-j95g: Typo3 Information Disclosure in User Authentication

ghsa: Latest News