A vulnerability was found in ArgoCD's web-based terminal. This issue may allow a user to continue sending WebSocket messages and access sensitive information even after their p, role:myrole, exec ...
Continue Reading
July 26, 2024
Argo CD v2.11.3 and before, discovering that even if the user's p, role:myrole, exec, create, */*, allow permissions are revoked, the user can still send any Websocket message, which allows the u ...
Continue Reading
July 25, 2024
Argo CD v2.11.3 and before, discovering that even if the user's p, role:myrole, exec, create, */*, allow permissions are revoked, the user can still send any Websocket message, which allows the u ...
Continue Reading
July 24, 2024
The remote host is missing an update for...Read More ...
Continue Reading
July 24, 2024
Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading...Read More ...
Continue Reading
July 23, 2024
The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36387 advisory. Serving WebSo ...
Continue Reading
July 21, 2024
We're gearing up with some seriously cool stuff for Black Hat! But first, a little sneak peek - not just one, but TWO of Wallarm's open-source tools will be featured in the Arsenal showcase ...
Continue Reading
July 19, 2024
The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-37890 advisory. ws is an ope ...
Continue Reading
July 15, 2024
Back to Main
