Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-013)

The version of tomcat installed on the remote host is prior to 8.5.87-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT8.5-2023-013 advisory. - When Apache T ...

Rocky Linux 8 : firefox (RLSA-2023:0288)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0288 advisory. An out of date library (libusrsctp) contained vulnera ...

CVE-2023-41896

Home Assistant is an open source home automation. Whilst auditing the frontend code to identify hidden parameters, Cure53 detected `auth_callback=1`, which is leveraged by the WebSocket authentication ...

[SECURITY] Fedora 39 Update: rust-tokio-tungstenite-0.20.1-1.fc39

Tokio binding for Tungstenite, the Lightweight stream-based WebSocket implementation.

Code injection

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions any Directus installation that has websockets enabled can be crashed if the websocket server recei ...

Rocky Linux 9 : thunderbird (RLSA-2023:0476)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0476 advisory. An out of date library (libusrsctp) contained vulnera ...

Cross Site Scripting (XSS)

home-assistant/core and home-assistant-js-websocket are vulnerable to an XSS attack. The vulnerability occurs due to a loophole in WebSocket authentication logic. The logic utilises a `state` parameter wh ...

CVE-2023-45820

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions any Directus installation that has websockets enabled can be crashed if the websocket server recei ...
