Server side request forgery (ssrf)

An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read arbitrary files or condu ...

Continue Reading

December 14, 2023

Exploit for CVE-2021-28169

Eclipse Jetty Canonical Repository =============================...Read More ...

Continue Reading

December 14, 2023

CVE-2023-6394

A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentic ...

Continue Reading

December 14, 2023

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Eclipse Jetty

Eclipse Jetty Canonical Repository =============================...Read More ...

Continue Reading

December 14, 2023

CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be ca ...

Continue Reading

December 14, 2023

AlmaLinux 8 : ruby:2.6 (ALSA-2021:2588)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2588 advisory. - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x th ...

Continue Reading

December 14, 2023

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Eclipse Jetty

Eclipse Jetty Canonical Repository =============================...Read More ...

Continue Reading

December 14, 2023

Authorization bypass in Quarkus

A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentic ...

Continue Reading

December 14, 2023

1 72,682 72,683 72,684 72,685 72,686 103,559

Back to Main
Subscribe for the latest news: