@fastify/websocket and fastify-websocket are vulnerable to denial of service. The vulnerability is due to the `fastifyWebsocket` function in `index.js` which crashes the application on an uncaught exc ...
November 15, 2022
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A directory traversal vulner ...
November 15, 2022
In libexpat through 2.4.9, there is a use-after-free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. ...
November 15, 2022
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php (7.4.30), php-pear (1.10.13). (BZ#20554 ...
November 15, 2022
It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-31628) It was discovered that PHP incorrectly handl ...
November 15, 2022
Debian Security Advisory DSA-5277-1 https://www.debian.org/security/ ...
November 15, 2022
Juiker app hard-coded its AES key in the source code. A physical attacker, after getting the Android root privilege, can use the AES key to decrypt users' ciphertext and tamper with it. ...
October 24, 2022
A use-after-free flaw was found in the Linux kernel's dvb-core subsystem (DVB API used by Digital TV devices) in how a user physically removed a USB device (such as a DVB demultiplexer device) while ...
October 24, 2022