Improper socket reuse in Apache Tomcat

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...

Continue Reading
GO-2021-0321

An attacker capable of spoofing DNS TXT records can redirect a WebSocket connection request to a server under their control without causing TLS certificate verification to fail. This occurs because th ...

Continue Reading
(RHSA-2022:4711) Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update

The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a co ...

Continue Reading
Malware in ctx

The `ctx` hosted project on [PyPI](https://pypi.org/project/ctx/) was taken over via user account compromise and replaced with a malicious project which contained runtime code that collected the cont ...

Continue Reading
CVE-2022-29253

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting with version 8.3-rc-1 and prior to versions 12.10.3 and 14.0, one can ask for any file ...

Continue Reading
CVE-2022-26833

An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthentica ...

Continue Reading
Cross-domain cookie leakage in Guzzle

### Impact Previous version of Guzzle contain a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets th ...

Continue Reading
Undefined behavior when users supply invalid resource handles

### Impact Multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid: ```python import tensorflow as tf tf.raw_ops.QueueIsClosedV2(handle=[]) ``` ```p ...

Continue Reading

Back to Main

Subscribe for the latest news: