Multiple vulnerabilities were discovered in Node.js, a JavaScript runtime environment, which could result in memory corruption, invalid certificate validation, prototype pollution or command injection ...
October 05, 2022
# Bitbucket Server CVE-2022-36804 ... Atlassian ...
October 05, 2022
(JOSE is "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS w ...)
October 05, 2022
OAuthLib is a generic utility which implements the logic of OAuth without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library ...
October 04, 2022
## Summary The libexpat parser that is used by IBM Tivoli Monitoring for parsing various configuration XML files and parsing SOAP requests is potentially vulnerable to remote code execution [CVE-2022 ...
October 04, 2022
### Overview Microsoft Exchange 2019 Cumulative Update 23 and earlier versions are vulnerable to a server-side request forgery (SSRF) attack and remote code execution. An authenticated attacker can us ...
October 03, 2022
An invalid HTTP request (websocket handshake) may cause a `NULL` pointer dereference in the wstunnel module. For Debian 10 buster, this problem has been fixed in version 1.4.53-4+deb10u3. We recommend ...
October 03, 2022
Debian LTS Advisory DLA-3133-1 https://www.debian.org/lts/security/ ...
October 03, 2022