GLSA-202210-12 : Lighttpd: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202210-12 (Lighttpd: Denial of Service) - In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an inv ...

Continue Reading
Lighttpd: Denial of Service

### Background Lighttpd is a lightweight high-performance web server. ### Description Lighttpd's mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket hands ...

Continue Reading

CVSS3 - HIGH

Jscythe – Abuse The Node.Js Inspector Mechanism In Order To Force Any Node.Js/Electron/V8 Based Process To Execute Arbitrary Javascript Code

[![](https://blogger.googleusercontent.com/img/a/AVvXsEgLC9Dxt9yBdiz2pq3Q2c74VF0pe_SsZ-WUdP5Si9Z6hkSqbUZV4E8-7312uXYH-WXijdbNanQGafOyRVPBAFrgm7vNOLJMAHmk6CRNx_hcnEkCNrhU-Z1WyrIBQ93rgNn6UUFoxpj5yIt3CQc ...

Continue Reading
Evilgophish – Evilginx2 + Gophish

[![](https://blogger.googleusercontent.com/img/a/AVvXsEg4W8DUvoZAz5gpA-NmxLHaP3iAIo_Yu8Z0By3oagKW8eix8CL46E8GUexK7gfFah68qJrOr8w5CaF_KhYcgtGborKR3MEybAV5dl02pllRXmJjjJThJ2gn3RaSgcfDiyBgnbDAZ8YXUI9E5z_ ...

Continue Reading
fastify/websocket vulnerable to uncaught exception via crash on malformed packet

### Impact Any application using @fastify/websocket could crash if a specific, malformed packet is sent. All versions of fastify-websocket are also impacted. That module is deprecated, so it will not ...

Continue Reading
fastify/websocket vulnerable to uncaught exception via crash on malformed packet

### Impact Any application using @fastify/websocket could crash if a specific, malformed packet is sent. All versions of fastify-websocket are also impacted. That module is deprecated, so it will not ...

Continue Reading

CVSS3 - HIGH

CVE-2022-39386

@fastify/websocket provides WebSocket support for Fastify. Any application using @fastify/websocket could crash if a specific, malformed packet is sent. All versions of fastify-websocket are also impa ...

Continue Reading

CVSS3 - HIGH

Denial Of Service (DoS)

@fastify/websocket and fastify-websocket are vulnerable to denial of service. The vulnerability is due to the `fastifyWebsocket` function in `index.js` which crashes the application on an uncaught exc ...

Continue Reading

CVSS3 - HIGH

Back to Main

Subscribe for the latest news:
Generated by Feedzy