On May 4, 2022, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 de ...
Continue ReadingJune 23, 2022
The Deviceconnect microservice through 1.3.0 in Northern.tech Mender Enterprise before 3.2.2. allows Cross-Origin Websocket Hijacking.Read More ...
Continue ReadingJune 23, 2022
FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys.Read More ...
Continue ReadingJune 23, 2022
FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys.Read More ...
Continue ReadingJune 23, 2022
If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...
Continue ReadingJune 23, 2022
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated u ...
Continue ReadingJune 23, 2022
Not only is RSAC back in person, but [API security]() is coming to the forefront. Wallarm, the G2 leader in Application Security, is thrilled to be back at RSAC where we will show off all of our new A ...
Continue ReadingJune 23, 2022
Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can trick a user into browse malicious site, to obtain an ...
Continue ReadingJune 23, 2022
Back to Main