Mercurius is a GraphQL adapter for Fastify. Any users of Mercurius until version 10.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to `/graphql`. This iss ...

Continue Reading

January 09, 2023

Gotify server is a simple server for sending and receiving messages in real-time per WebSocket. Versions prior to 2.2.2 contain an XSS vulnerability that allows authenticated users to upload .html fil ...

Continue Reading

December 30, 2022

# CVE-2022-37797 In lighttpd 1.4.65, mod_wstunnel does not init...Read More ...

Continue Reading

December 23, 2022

zeppelin-web is vulnerable to cross-site scripting. The vulnerability exists because the `WebsocketEventFactory` function in `websocket-event.factory.js` does not properly escape the `message` attribu ...

Continue Reading

December 19, 2022

In 2020, Spotify coined the term ["Golden Path”]() to refer to a supported approach and set of components to build and deploy software. Having these paths simplifies the development process, lets ...

Continue Reading

December 07, 2022

[![Zerobot Botnet IoT Vulnerabilities](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiiN7P-JbzDiqMiJ5aMyYzbPj10BSDjFXMvPw3ZyXZgZ4ddehVpZGTJqe3NCavOxqmM5LGXQtYlY04ZVd4WktIHIGML-uIrRBHvX2yr7 ...

Continue Reading

December 06, 2022

## Summary This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Cognos Controller 10.4.2 FP2 and 10.4.1 IF15 . There are multiple vulnerabilities in IBM® Runti ...

Continue Reading

December 02, 2022

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8502 advisory. - follow-redirects: Exposure of Private P ...

Continue Reading

November 17, 2022