If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...

Continue Reading

23 июня, 2022

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated u ...

Continue Reading

23 июня, 2022

Unauthenticated Remote Denial of Service Attack in the WebSocket interfaceRead More ...

Continue Reading

20 июня, 2022

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvOzTXaMbb9CXjEw9netji8LfGIK_L72Soe_LhhPvFxptiS9UQBigpE1Nu58_nQ1_YmTWOfSy2b4-6gCKnQbpEZELP2AyM4uVnwLYPT0UyvIZVqO-qYfzFOkv_j7YMAUKJCa88ao ...

Continue Reading

12 июня, 2022

FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys.Read More ...

Continue Reading

09 июня, 2022

The version of Aruba ClearPass Policy Manager installed on the remote host is prior or equal to 6.7, 6.8.9-HF2, 6.9.9, 6.10.4. It is, therefore, affected by multiple vulnerabilities as referenced in t ...

Continue Reading

31 мая, 2022

## Summary There are multiple vulnerabilities in Spring Framework used by SPSS Collaboration and Deployment Services. SPSS Collaboration and Deployment Services is affected but not classified as vulne ...

Continue Reading

30 мая, 2022

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4711 advisory. - nodejs-trim-off-newlines: ReDoS via str ...

Continue Reading

30 мая, 2022