Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to denial of service due to GraphQL Java (CVE-2022-37734)
## Summary
There is a vulnerability in the GraphQL Java library used by IBM WebSphere Application Server Liberty with the mpGraphQL-1.0 or mpGraphQL-2.0 feature enabled. This has been addressed.
## Vu ...
July 01, 2023
Uncaught Exception in engine.io
### Impact
A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process.
> RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be ...
July 01, 2023
Security Bulletin: IBM UrbanCode Release is affected by CVE-2020-13935
## Summary
IBM UrbanCode Release versions 6.2.2.7 - 6.2.4 are affected by CVE-2020-13935.
## Vulnerability Details
**CVEID:** CVE-2020-13935
**DESCRIPTION:** Apache Tomcat is vulnerable to a denia ...
July 01, 2023
CPP-Ethereum JSON-RPC admin_nodeInfo improper authorization Vulnerability
### Summary
An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause ...
July 01, 2023
CPP-Ethereum JSON-RPC miner_stop improper authorization Vulnerability
### Summary
An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an ...
July 01, 2023
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM InfoSphere Master Data Management Server 11.6
## Summary
IBM WebSphere Application Server 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. X-F ...
June 30, 2023
Ganeti – Multiple Vulnerabilities
June 30, 2023
[SECURITY] Fedora 24 Update: capnproto-0.5.3.1-1.fc24
Cap'n Proto is an insanely fast data interchange format and capability-based RPC system. Think JSON, except binary. Or think Protocol Buffers, except faster. In fact, in ben ...
June 30, 2023
CPP-Ethereum JSON-RPC miner_setEtherbase improper authorization Vulnerability
### Summary
An exploitable improper authorization vulnerability exists in miner_setEtherbase API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can c ...
June 30, 2023
Apache Tomcat Request Obfuscation Vulnerability
Apache Tomcat is a lightweight Web application server from the Apache Foundation. The application implements support for Servlet and JavaServer Page (JSP). Apache Tomcat suffers from a request obfuscat ...
June 30, 2023