CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be ca ...

Continue Reading

December 14, 2023

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Eclipse Jetty

Eclipse Jetty Canonical Repository =============================...Read More ...

Continue Reading

December 14, 2023

Authorization bypass in Quarkus

A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentic ...

Continue Reading

December 14, 2023

Exploit for Insufficient Session Expiration in Eclipse Jetty

Eclipse Jetty Canonical Repository =============================...Read More ...

Continue Reading

December 14, 2023

CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be ca ...

Continue Reading

December 14, 2023

Exploit for CVE-2022-2048

Eclipse Jetty Canonical Repository =============================...Read More ...

Continue Reading

December 14, 2023

Researchers Unmask Sandman APT’s Hidden Link to China-Based KEYPLUG Backdoor

Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor referred ...

Continue Reading

December 14, 2023

Uptime Kuma Authenticated remote code execution via TailscalePing

Summary The runTailscalePing method of the TailscalePing class injects the hostname parameter inside a shell command, leading to a command injection and the possibility to run arbitrary commands on th ...

Continue Reading

December 14, 2023

1 97 98 99 100 101 183

Back to Main
Subscribe for the latest news: