CVE-2024-37890 - How a Simple Header Overflow Can Crash Your Node.js ws Server
If you're running a Node.js WebSocket server using the popular ws library, you might be sitting on a time bomb. The newly
CVE-2024-1657 - Insecure WebSocket in Ansible Automation Platform Lets Attackers Steal Rulebook Data
Summary:
In early 2024, a critical vulnerability (CVE-2024-1657) was identified in the Ansible Automation Platform. This issue was caused by the use of an insecure
CVE-2024-23898 - Breaking Jenkins Security – A Deep Dive into Critical CSWSH Vulnerability (with Exploit Details)
Jenkins is one of the most popular automation servers out there. Hundreds of thousands of companies rely on it to build, test, and ship their
CVE-2023-2848 - How a Missing Header Let Attackers Hijack WebSockets in Movim (Pre-.22)
In the world of open-source social networking, security can sometimes be overlooked. That happened in Movim, a decentralized social platform built on XMPP. Before version
CVE-2023-29505 - WebSocket Hijacking in Zoho ManageEngine Network Configuration Manager 12.6.165
In April 2023, a serious security vulnerability—CVE-2023-29505—was discovered in Zoho ManageEngine Network Configuration Manager (NCM) version 12.6.165. This flaw allows cross-site
Episode
00:00:00
00:00:00