### Impact A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. > RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be ...
July 01, 2023
Between September 26, 2021 and October 8, 2021, [Radically Open Security](https://www.radicallyopensecurity.com/) conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's [ ...
July 01, 2023
## Summary IBM UrbanCode Release versions 6.2.2.7 - 6.2.4 are affected by CVE-2020-13935 ## Vulnerability Details **CVEID:** CVE-2020-13935 **DESCRIPTION:** Apache Tomcat is vulnerable to a denia ...
July 01, 2023
This module uses a blind SQL injection (CVE-2020-5724) affecting the Grandstream UCM62xx IP PBX to dump the users table. The injection occurs over a websocket at the websockify endpoint, and specifica ...
July 01, 2023
The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which a ...
July 01, 2023
Palo Alto Networks Firewalls - Root Remote Code Execution ...
July 01, 2023
### Summary An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause ...
July 01, 2023
### Summary An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an ...
July 01, 2023