tomcat6 is vulnerable to command injection. Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by improper error handling in WebSocket connection. By sending a special ...

Continue Reading

September 07, 2022

# iTop RCE via SSTI - CVE-2022-24780 exploit > iTop Read More ...

Continue Reading

September 02, 2022

# ?? Casdoor ????? OAuth 2.0 / OIDC ??????????SSO???????????????...Read More ...

Continue Reading

September 01, 2022

# CVE-2022-21449 repo showcasing generation of a base64 signatur...Read More ...

Continue Reading

September 01, 2022

# ?? Casdoor ????? OAuth 2.0 / OIDC ??????????SSO???????????????...Read More ...

Continue Reading

September 01, 2022

There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to der ...

Continue Reading

August 31, 2022

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: uninitialized array in pg_query_params() leading to RCE (CVE-2022-31625) For more details ...

Continue Reading

August 31, 2022

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * php: uninitialized array in pg_query_params() leading to RCE (CVE-2022-31625) For more details ...

Continue Reading

August 31, 2022

## Summary IBM TRIRIGA Application Platform discloses CVE-2021-22696 ## Vulnerability Details ** CVEID: **[CVE-2021-22696]() ** DESCRIPTION: **Apache CXF is vulnerable to a denial of service, caused b ...

Continue Reading

August 30, 2022

## Summary IBM Rational Build Forge is affected by CVE-2021-42340. ## Vulnerability Details ** CVEID: **[CVE-2021-42340]() ** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused ...

Continue Reading

August 30, 2022