In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data. (Authy accounts were not compromised, however.)
https://cwe.mitre.org/data/definitions/203.html
https://www.twilio.com/docs/usage/security/reporting-vulnerabilities
https://www.twilio.com/en-us/changelog
Description zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database (meta.db)
Description Server-Side Request Forgery in URL Mapper in Arctic Security’s Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to
Description A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with