Security
Headlines

Tag

#git

Microsoft AI researchers accidentally exposed terabytes of sensitive data

Microsoft AI researchers posted a long-lived, overly permissive SAS token on GitHub, exposing 38 TB of data. The post Microsoft AI researchers accidentally exposed terabytes of sensitive data appeared first on Malwarebytes Labs.

Malwarebytes
#microsoft #git #auth
CVE-2023-40788: SpringBlade/blade-gateway/src/main/java/org/springblade/gateway/provider/AuthProvider.java at master · chillzhuang/SpringBlade

SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in the default gateway, resulting in unauthorized access to error logs.

Branded Merchandise: The Secret Weapon for Building a Strong Brand Identity

By Owais Sultan. In today’s digitally driven world, the cybersecurity aspect of brand identity has become paramount. A company’s brand is… This is a post from HackRead.com.

CVE-2023-41443: cve-lists/novel-plus/vuln at main · Deng-JunFeng/cve-lists

SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list.

CVE-2023-39049: CVE-reports/CVE-2023-39049.md at main · syz913/CVE-reports

An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

CVE-2023-39046: CVE-reports/CVE-2023-39046.md at main · syz913/CVE-reports

An information leak in TonTon-Tei_waiting Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

GHSA-r87q-fq37-pvr6: A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA

A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.

CVE-2023-42441: incorrect re-entrancy lock when key is empty string

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). Starting in version 0.2.9 and prior to version 0.3.10, locks of the type `@nonreentrant("")` or `@nonreentrant('')` do not produce reentrancy checks at runtime. This issue is fixed in version 0.3.10. As a workaround, ensure the lock name is a non-empty string.

CVE-2023-39058: CVE-reports/CVE-2023-39058.md at main · syz913/CVE-reports

An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

CVE-2023-39043: Home - YK Communications

An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.