CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be ca ...

Continue Reading
[SECURITY] Fedora 38 Update: python-aiohttp-3.8.6-1.fc38

Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webserve rs with middlewares and pluggable...Read More ...

Continue Reading
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Eclipse Jetty

Eclipse Jetty Canonical Repository =============================...Read More ...

Continue Reading
Code injection

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions any Directus installation that has websockets enabled can be crashed if the websocket server recei ...

Continue Reading
Cross site scripting

Home assistant is an open source home automation. Whilst auditing the frontend code to identify hidden parameters, Cure53 detected `auth_callback=1`, which is leveraged by the WebSocket authentication ...

Continue Reading
[SECURITY] Fedora 39 Update: python-aiohttp-3.8.6-1.fc39

Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webserve rs with middlewares and pluggable...Read More ...

Continue Reading
CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be ca ...

Continue Reading
Exploit for Insufficient Session Expiration in Eclipse Jetty

Eclipse Jetty Canonical Repository =============================...Read More ...

Continue Reading

Back to Main

Subscribe for the latest news: