Category: CVE Notifications


The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter, which allows unauthenticated SQL injection. An attacker can send malicious input in the...



An issue was discovered in Bitrix24 Bitrix Framework (1c site management) 20.0. A “User enumeration and Improper Restriction of Excessive Authentication Attempts” vulnerability exists in the admin login form,...



Python oic is a Python OpenID Connect implementation. In Python oic before version 1.2.1, there are several related cryptographic issues affecting client implementations that use the library. The issues are: 1) The IdToken...



The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. Systems using the Crux Linux Docker container deployed by affected versions of the Docker image may allow an attacker to achieve root...
