Misskey is an open source, decentralized social media platform. Third-party applications may be able to access some endpoints or Websocket APIs that are incorrectly specified as kind or secure without ...
Continue Reading
December 29, 2023
Impact Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on ext ...
Continue Reading
December 29, 2023
Sending specially crafted HTTP requests to Miniflare's server could result in arbitrary HTTP and WebSocket requests being sent from the server. If Miniflare was configured to listen on external n ...
Continue Reading
December 29, 2023
bsock is vulnerable to a Weak Hashing Algorithm. The vulnerable is due to the libraries usage of weak hashing algorithm (MD5, SHA1) within vendorfaye-websocket.js. This could allow an attacker to brea ...
Continue Reading
December 28, 2023
An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the...Read More ...
Continue Reading
December 26, 2023
Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming ...
Continue Reading
December 22, 2023
pulsar-websocket is vulnerable to Improper authentication. The vulnerability arises due to a lack of authentication a user makes request to the /pingpong endpoint. The attacker can potentially trigger ...
Continue Reading
December 22, 2023
Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy allows an attacker to connect to the /pingpong endpoint without authentication. This issue affects Apache Pulsar WebSocket Proxy: ...
Continue Reading
December 21, 2023
Back to Main
