Category Archives: information exposure

Does Asp.Net Core exposes too much information for required enums that were not supplied?

Posted on by

I have a simple code for an input model:

public class MyClass
{
[Required]
public MyEnum? Type { get; set; }
}

Now if I do not send Type as a part of json to the request, I get this error from Web.Api:

“The JSON value coul… Continue reading Does Asp.Net Core exposes too much information for required enums that were not supplied?

Nexus Intelligence Insights: CVE-2018-5382 Bouncycastle Information Exposure

Posted on by

For our last Nexus Intelligence Insight of 2019, we’ll cover a component vulnerability discovered in a not-so-happy accident that appears far more dangerous than the researcher had previously hypothesized.
The post Nexus Intelligence Insights: CVE… Continue reading Nexus Intelligence Insights: CVE-2018-5382 Bouncycastle Information Exposure

Nexus Intelligence Insights CVE-2019-15753: OpenStack (os-vif), Denial of Service & Information Exposure

Posted on by

Our news feeds are filled with reports of malicious attacks on open source code at the project source, most of which are bad actors leveraging code bases for their own gain. While we’re taking this growing issue, more seriously than anyone else, w… Continue reading Nexus Intelligence Insights CVE-2019-15753: OpenStack (os-vif), Denial of Service & Information Exposure

VU#667480: AVer Information EH6108H+ hybrid DVR contains multiple vulnerabilities

Posted on by

AVer Information EH6108H+hybrid DVR,version X9.03.24.00.07l and possibly earlier,reportedly contains multiple vulnerabilities,including undocumented privileged accounts,authentication bypass,and information exposure. Continue reading VU#667480: AVer Information EH6108H+ hybrid DVR contains multiple vulnerabilities