WebSocket - API Security Blog

Peeling off QR Code Phishing Onion

# Peeling off QR Code Phishing Onion: Revealing the Hidden Layers of Deceit By Neel H. Pathak and Pratik Sunil Kadam · October 10, 2023 ## Introduction: Malicious actors always seek innovative ways ...

14 декабря, 2023

[SECURITY] Fedora 38 Update: rust-tungstenite-0.20.1-1.fc38

Lightweight stream-based WebSocket implementation.Read More ...

14 декабря, 2023

Code injection

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions any Directus installation that has websockets enabled can be crashed if the websocket server recei ...

14 декабря, 2023

Rocky Linux 9 : thunderbird (RLSA-2023:0476)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0476 advisory. An out of date library (libusrsctp) contained vulnera ...

14 декабря, 2023

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Eclipse Jetty

Eclipse Jetty Canonical Repository =============================...Read More ...

14 декабря, 2023

Uptime Kuma Authenticated remote code execution via TailscalePing

Summary The runTailscalePing method of the TailscalePing class injects the hostname parameter inside a shell command, leading to a command injection and the possibility to run arbitrary commands on th ...

14 декабря, 2023

[SECURITY] Fedora 38 Update: rust-tokio-tungstenite-0.20.1-1.fc38

Tokio binding for Tungstenite, the Lightweight stream-based WebSocket implementation.Read More ...

14 декабря, 2023

CVE-2023-45820

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions any Directus installation that has websockets enabled can be crashed if the websocket server recei ...

14 декабря, 2023