Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

## Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, swagger, jQuery, Netty, Apache commons, validator.js, Chalk ansi-regex, Json-sch ...

Continue Reading
BIG-IP Advanced WAF and ASM WebSocket security exposure

BIG-IP Advanced WAF and ASM incorrectly handle certain WebSocket requests. This issue occurs when the following condition is met: * BIG-IP Advanced WAF or ASM handles a malicious WebSocket message. ...

Continue Reading
JekyllBot:5 Flaws Let Attackers Take Control of Aethon TUG Hospital Robots

[![](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjPILqKGY0VarXgycC38XiNZhAds6X8o4a6aZIypxuNJBbuABj-1FrSZopkW4WFvI6bREwF6gwOdlZ-yuSGrYoZ80YsnYB09qjJJg-N1myjDderbxzi5hQXUQQqn0PHRkaTvFBMU0- ...

Continue Reading
Aethon TUG Home Base Server

## 1. EXECUTIVE SUMMARY * **CVSS v3 9.8** * **ATTENTION: **Exploitable remotely/low attack complexity * **Vendor:** Aethon (owned by ST Engineering) * **Equipment: **TUG Home Base Server * * ...

Continue Reading
Metasploit Weekly Wrap-Up

## Capture Plugin ![Metasploit Weekly Wrap-Up](https://blog.rapid7.com/content/images/2022/03/metasploit-fence-2.png) Capturing credentials is a critical and early phase in the playbook of many offens ...

Continue Reading
CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated u ...

Continue Reading
CVE-2022-25762

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...

Continue Reading
Denial Of Service (DoS)

spring-messaging is vulnerable to denial of service. The vulnerability exists because the `handleMessageInternal` function of `SimpleBrokerMessageHandler.java` does not properly handle to ignore the i ...

Continue Reading

Back to Main

Subscribe for the latest news: