[]() A new malware called **Condi** has been observed exploiting a s ...
Continue Reading
June 21, 2023
The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmsc_add_site' function in versions up to, and i ...
Continue Reading
June 20, 2023
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API. Security Fix(es): * c-ares: 0-byte UDP payload Denial of Service (CVE-2023-32067) For more ...
Continue Reading
June 20, 2023
The WP Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation in the ~/admin/views/admin.php f ...
Continue Reading
June 20, 2023
### Impact Affected gRPC Swift servers are vulnerable to uncontrolled recursion and stack consumption when parsing certain payloads. This may lead to a denial of service. ### Patches The problem has b ...
Continue Reading
June 19, 2023
### Impact Affected gRPC Swift clients and servers are vulnerable to uncontrolled resource consumption attacks. Excessive memory may be allocated when parsing messages. This can lead to a denial of se ...
Continue Reading
June 19, 2023
### Impact Affected gRPC Swift servers are vulnerable to precondition failures when parsing certain gRPC Web requests. This may lead to a denial of service. ### Patches The problem has been fixed in 1 ...
Continue Reading
June 19, 2023
A grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This was due to incorrect logic when handling `GOAWAY` frames. The attack is low-effort: it takes very little ...
Continue Reading
June 19, 2023
Back to Main
