If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...
Continue ReadingJune 23, 2022
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated u ...
Continue ReadingJune 23, 2022
Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can trick a user into browse malicious site, to obtain an ...
Continue ReadingJune 23, 2022
![](https://raw.githubusercontent.com/spring-projects/spring-graphql/main/spring-graphql-docs/src/docs/spring-graphql.svg) On behalf of the Spring for GraphQL team and every contributor, it is my plea ...
Continue ReadingJune 23, 2022
Unauthenticated Remote Denial of Service Attack in the WebSocket interfaceRead More ...
Continue ReadingJune 20, 2022
[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvOzTXaMbb9CXjEw9netji8LfGIK_L72Soe_LhhPvFxptiS9UQBigpE1Nu58_nQ1_YmTWOfSy2b4-6gCKnQbpEZELP2AyM4uVnwLYPT0UyvIZVqO-qYfzFOkv_j7YMAUKJCa88ao ...
Continue ReadingJune 12, 2022
FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys.Read More ...
Continue ReadingJune 09, 2022
The version of Aruba ClearPass Policy Manager installed on the remote host is prior or equal to 6.7, 6.8.9-HF2, 6.9.9, 6.10.4. It is, therefore, affected by multiple vulnerabilities as referenced in t ...
Continue ReadingMay 31, 2022
Back to Main