The Deviceconnect microservice through 1.3.0 in Northern.tech Mender Enterprise before 3.2.2. allows Cross-Origin Websocket Hijacking.Read More ...
Continue Reading
June 23, 2022
FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys.Read More ...
Continue Reading
June 23, 2022
FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys.Read More ...
Continue Reading
June 23, 2022
If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...
Continue Reading
June 23, 2022
If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that ...
Continue Reading
June 23, 2022
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated u ...
Continue Reading
June 23, 2022
Soa-model is a toolkit and Java API for WSDL, WADL and XML Schema. An XML External Entity (XXE) vulnerability exists in versions of soa-model prior to 1.6.4 in the WSDLParser function. This issue has ...
Continue Reading
June 23, 2022
A directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker with at least guest role privileges to read wsdl files in the BIG-IP file system. ([CVE-2022-29474]()) ...
Continue Reading
June 23, 2022
Back to Main
