The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities: - A code execution vulnerability exists in the WebSocket f ...

Continue Reading

May 30, 2022

## Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, swagger, jQuery, Netty, Apache commons, validator.js, Chalk ansi-regex, Json-sch ...

Continue Reading

May 30, 2022

BIG-IP Advanced WAF and ASM incorrectly handle certain WebSocket requests. This issue occurs when the following condition is met: * BIG-IP Advanced WAF or ASM handles a malicious WebSocket message. ...

Continue Reading

May 30, 2022

[![](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjPILqKGY0VarXgycC38XiNZhAds6X8o4a6aZIypxuNJBbuABj-1FrSZopkW4WFvI6bREwF6gwOdlZ-yuSGrYoZ80YsnYB09qjJJg-N1myjDderbxzi5hQXUQQqn0PHRkaTvFBMU0- ...

Continue Reading

May 30, 2022

## 1. EXECUTIVE SUMMARY * **CVSS v3 9.8** * **ATTENTION: **Exploitable remotely/low attack complexity * **Vendor:** Aethon (owned by ST Engineering) * **Equipment: **TUG Home Base Server * * ...

Continue Reading

May 30, 2022

## Capture Plugin  Capturing credentials is a critical and early phase in the playbook of many offens ...

Continue Reading

May 30, 2022

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated u ...

Continue Reading

May 30, 2022

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...

Continue Reading

May 30, 2022