openSUSE 15 Security Update : weechat (openSUSE-SU-2022:0083-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0083-1 advisory. - WeeChat before 3.2.1 allows remote attackers to ...

Continue Reading
CVE-2022-24595

Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send ...

Continue Reading
Security update for weechat (moderate)

An update that fixes one vulnerability is now available. Description: This update for weechat fixes the following issues: update to 3.2.1: * CVE-2021-40516: relay: fix crash when decoding a m ...

Continue Reading
Information Disclosure

FreeTAKServer-UI is vulnerable to information disclosure. The vulnerability exists because it exposes sensitive API and Websocket keys through the leakage of the RestAPI and Websocket tokens in WebUI. ...

Continue Reading
Exposure of Sensitive Information to an Unauthorized Actor in FreeTAKServer-UI

FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys.Read More ...

Continue Reading
CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated u ...

Continue Reading
CVE-2022-25762

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...

Continue Reading
Denial Of Service (DoS)

spring-messaging is vulnerable to denial of service. The vulnerability exists because the `handleMessageInternal` function of `SimpleBrokerMessageHandler.java` does not properly handle to ignore the i ...

Continue Reading

Back to Main

Subscribe for the latest news: