MeshCentral cross-site websocket hijacking (CSWSH) vulnerability

We have identified a cross-site websocket hijacking (CSWSH) vulnerability within the control.ashx endpoint of MeshCentral. This component is the primary mechanism used within MeshCentral to perform ad ...

Continue Reading
CVE-2024-26135

MeshCentral is a full computer management web site. Versions prior to 1.1.21 a cross-site websocket hijacking (CSWSH) vulnerability within the control.ashx endpoint. This component is the primary mech ...

Continue Reading
Amazon Linux 2 : jetty (ALAS-2024-2460)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2460 advisory. Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 1 ...

Continue Reading
Medium: jetty

Issue Overview: Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the + character proceeding the content-length value in a HTTP ...

Continue Reading
CVE-2023-51437

Observable timing discrepancy vulnerability in Apache Pulsar SASL Authentication Provider can allow an attacker to forge a SASL Role Token that will pass signature verification. Users are recommended ...

Continue Reading
Siemens RUGGEDCOM APE1808

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities ...

Continue Reading
(RHSA-2024:0775) Important: jenkins and jenkins-2-plugins security update

Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Security Fix(es): apache-commons-text: variable interpo ...

Continue Reading
(RHSA-2024:0776) Important: jenkins and jenkins-2-plugins security update

Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Security Fix(es): apache-commons-text: variable interpo ...

Continue Reading

Back to Main

Subscribe for the latest news: