Authorization bypass in Quarkus

A flaw was found in Quarkus. This issue occurs when a request is received over WebSocket with no role-based permission specified on the GraphQL operation: Quarkus processes the request without authentic ...

[SECURITY] Fedora 39 Update: rust-tokio-tungstenite-0.20.1-1.fc39

Tokio binding for Tungstenite, the lightweight stream-based WebSocket implementation.

(RHSA-2023:6818) Important: Satellite 6.14 security and bug fix update

Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized too ...

Exploit for Insufficient Session Expiration in Eclipse Jetty

Eclipse Jetty Canonical Repository

CVE-2023-41896

Home Assistant is an open source home automation platform. Whilst auditing the frontend code to identify hidden parameters, Cure53 detected `auth_callback=1`, which is leveraged by the WebSocket authentication ...

[SECURITY] Fedora 37 Update: rust-tokio-tungstenite-0.20.1-1.fc37

Tokio binding for Tungstenite, the lightweight stream-based WebSocket implementation.

Researchers Unmask Sandman APT’s Hidden Link to China-Based KEYPLUG Backdoor

Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor referred ...

[SECURITY] Fedora 39 Update: rust-tungstenite-0.20.1-1.fc39

Lightweight stream-based WebSocket implementation.
