A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentic ...
Continue Reading
December 14, 2023
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0288 advisory. An out of date library (libusrsctp) contained vulnera ...
Continue Reading
December 14, 2023
Home assistant is an open source home automation. Whilst auditing the frontend code to identify hidden parameters, Cure53 detected `auth_callback=1`, which is leveraged by the WebSocket authentication ...
Continue Reading
December 14, 2023
Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webserve rs with middlewares and pluggable...Read More ...
Continue Reading
December 14, 2023
Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor referred ...
Continue Reading
December 14, 2023
Eclipse Jetty Canonical Repository =============================...Read More ...
Continue Reading
December 14, 2023
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0476 advisory. An out of date library (libusrsctp) contained vulnera ...
Continue Reading
December 14, 2023
home-assistant/core and home-assistant-js-websocket are vulnerable to XSS attack.The vulnerability occurs due to a loophole in Websocket authentication logic. The logic utilises a `state` parameter wh ...
Continue Reading
December 14, 2023
Back to Main
