(RHSA-2023:4418) Important: mod_auth_openidc:2.3 security update
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
August 02, 2023
Rudder Server SQL Injection / Remote Code Execution Exploit
This Metasploit module exploits a SQL injection vulnerability in RudderStack's rudder-server, an open source Customer Data Platform (CDP). The vulnerability exists in versions of rudder-server prior t ...
August 01, 2023
Security Bulletin: IBM Event Streams is affected by multiple vulnerabilities in Node.js
## Summary
Vulnerabilities in node.js before 18.16.1 affect the Node.js component that is used by IBM Event Streams (CVE-2023-30581, CVE-2023-30589, CVE-2023-30585, CVE-2023-30590, CVE-2023-30588). Th ...
August 01, 2023
CVE-2023-34359
ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "do_json_de ...
July 31, 2023
CVE-2023-34358
ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary ...
July 31, 2023
CVE-2023-34360
A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker ...
July 31, 2023
Moderate Photon OS Security Update – PHSA-2023-5.0-0059
Updates of ['wireshark', 'linux', 'pcre2', 'linux-secure', 'linux-rt'] packages of Photon OS have been released. ...
July 30, 2023
c security update
**CentOS Errata and Security Advisory** CESA-2023:3741
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API.
Security Fix(es):
* c-ares: 0-byte U ...
July 29, 2023
Closing vulnerabilities in Decidim, a Ruby-based citizen participation platform
This blog post describes two security vulnerabilities in Decidim, a digital platform for citizen participation. Both vulnerabilities were addressed by the Decidim team with corresponding update releas ...
July 29, 2023