Komari vulnerable to Cross-site WebSocket Hijacking

Summary: WebSocket upgrader has disabled origin checking, enabling Cross-Site WebSocket Hijacking (CSWSH) attacks against authenticated users. Details: https://github.com/komari-monitor/komari/blob/bd5a6 ...

Linux Distros Unpatched Vulnerability : CVE-2021-42340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1 ...

Linux Distros Unpatched Vulnerability : CVE-2025-32049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. A flaw was found in libsoup. The SoupWebsocketConnection may acc ...

Linux Distros Unpatched Vulnerability : CVE-2023-23602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. A mishandled security check when creating a WebSocket in a WebWo ...

Linux Distros Unpatched Vulnerability : CVE-2018-8034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. The host name verification when using TLS with the WebSocket cli ...

Linux Distros Unpatched Vulnerability : CVE-2022-25762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. If a web application sends a WebSocket message concurrently with ...

Linux Distros Unpatched Vulnerability : CVE-2025-5399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Due to a mistake in libcurl's WebSocket code, a malicious s ...

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Cybersecurity researchers have demonstrated an "end-to-end privilege escalation chain" in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lat ...
