The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter.Read More ...
Continue Reading07 июля, 2023
### Impact The authenticated attacker can craft a malicious payloads to achieve command injection when entering the container terminal. 1. Vulnerability analysis. ``` backendappapiv1terminal.go#Contai ...
Continue Reading07 июля, 2023
### Impact The authenticated attacker can craft a malicious payloads to achieve command injection when entering the container terminal. 1. Vulnerability analysis. ``` backendappapiv1terminal.go#Contai ...
Continue Reading07 июля, 2023
## Releases * Ubuntu 18.04 ESM * Ubuntu 16.04 ESM ## Packages * golang-websocket - Go package implementing the WebSocket protocol It was discovered that Gorilla WebSocket incorrectly handled dec ...
Continue Reading07 июля, 2023
### Impact A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. > RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be ...
Continue Reading01 июля, 2023
Between September 26, 2021 and October 8, 2021, [Radically Open Security](https://www.radicallyopensecurity.com/) conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's [ ...
Continue Reading01 июля, 2023
## Summary IBM UrbanCode Release version 6.2.2.7 - 6.2.4 are affected by CVE-2020-13935 ## Vulnerability Details ** CVEID: **[CVE-2020-13935]() ** DESCRIPTION: **Apache Tomcat is vulnerable to a denia ...
Continue Reading01 июля, 2023
[![](https://4.bp.blogspot.com/-P5OdKM3AnzM/Yd0b-NXgU9I/AAAAAAAA8a0/Rld1093WLHssqXYXYPpzyIIQ3c2QSrkjACK4BGAYYCw/w640-h360/idacode_2_preview-767772.gif)]() IDACode makes it easy to execute and debug Py ...
Continue Reading01 июля, 2023
Back to Main