WebSocket - API Security Blog

Rocky Linux 9 : thunderbird (RLSA-2023:0476)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0476 advisory. An out of date library (libusrsctp) contained vulnera ...

14 декабря, 2023

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Eclipse Jetty

Eclipse Jetty Canonical Repository =============================...Read More ...

14 декабря, 2023

Uptime Kuma Authenticated remote code execution via TailscalePing

Summary The runTailscalePing method of the TailscalePing class injects the hostname parameter inside a shell command, leading to a command injection and the possibility to run arbitrary commands on th ...

14 декабря, 2023

[SECURITY] Fedora 38 Update: rust-tokio-tungstenite-0.20.1-1.fc38

Tokio binding for Tungstenite, the Lightweight stream-based WebSocket implementation.Read More ...

14 декабря, 2023

CVE-2023-45820

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions any Directus installation that has websockets enabled can be crashed if the websocket server recei ...

14 декабря, 2023

Exploit for CVE-2022-2048

Eclipse Jetty Canonical Repository =============================...Read More ...

14 декабря, 2023

(RHSA-2023:6818) Important: Satellite 6.14 security and bug fix update

Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized too ...

14 декабря, 2023

Uptime Kuma Authenticated remote code execution via TailscalePing

Summary The runTailscalePing method of the TailscalePing class injects the hostname parameter inside a shell command, leading to a command injection and the possibility to run arbitrary commands on th ...

14 декабря, 2023