## Summary There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. This has been addressed. ## Vu ...
July 01, 2023
### Impact A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. > RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be ...
July 01, 2023
## Summary IBM UrbanCode Release versions 6.2.2.7 - 6.2.4 are affected by CVE-2020-13935 ## Vulnerability Details **CVEID:** CVE-2020-13935 **DESCRIPTION:** Apache Tomcat is vulnerable to a denia ...
July 01, 2023
This module uses a blind SQL injection (CVE-2020-5724) affecting the Grandstream UCM62xx IP PBX to dump the users table. The injection occurs over a websocket at the websockify endpoint, and specifica ...
July 01, 2023
Palo Alto Networks Firewalls - Root Remote Code Execution
July 01, 2023
### Summary An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause ...
July 01, 2023
### Summary An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an ...
July 01, 2023
A Command Injection in action_power.py in Cobbler prior to v2.6.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) username or (2) password fields to the power ...
July 01, 2023