David
the RT option for a tweet like this: testing denby # "#" ends being displayed encoded --> e.g. " becomes %22
[wishlist] Please add an option to show a given user's 'name' instead of just their twitter @'s.
``` In the logout view the 'continue' parameter is placed directly into the href value of the 'no' option without rejecting invalid url/locations (url which are not actual http link)....
I don't know much php but ... in loaders.php the class H2o_File_Cache constructor may create a directory using 'tempnam' which is not done securely(as far as I know it is...
The cookies test should be using tempfile.mkstemp instead of tempfile.mktemp. One example of using the tempfile.mktemp method is TempfileTestMixin in test/test_cookies.py. tempfile.mktemp - as per [0] , it is Deprecated...
It seems that at the present time the updater service found in su.apk fetches new su binaries over http and checks that the md5sum of the downloaded binary matches that...
Hi, there are several security issues in the code found in this repository. The first is that https://github.com/thinkingserious/sendgrid-python-dmarc-parser/blob/9cfac0992f75031e45f7eaea45710e2182742694/dmarc_parser/unzip.py#L28 is vulnerable to path traversal. It needs to filter out path traversal...
Seemingly Openwrt's odhcp6c configuration means that interface metric specification is not used for setup routes. This matters when a primary connection and a fallback connection: * are active at the...