CVE-2023-29505 - WebSocket Hijacking in Zoho ManageEngine Network Configuration Manager 12.6.165
In April 2023, a serious security vulnerability—CVE-2023-29505—was discovered in Zoho ManageEngine Network Configuration Manager (NCM) version 12.6.165. This flaw
CVE-2023-38503 - Unauthorized Data Leak via GraphQL Subscriptions in Directus (Exploit & Details)
Directus is a popular, open-source headless CMS that acts as both an app dashboard and real-time API for SQL databases. In 2023, a
CVE-2022-46898 - Vocera Report Server Path Traversal & SQL Injection via Unsanitized Filename
In 2022, a significant vulnerability (CVE-2022-46898) was discovered in Vocera Report Server and Voice Server versions 5.x through 5.8. This flaw
CVE-2022-46901 - Unauthenticated Websocket Exploit in Vocera Voice & Report Server 5.x
Vocera, widely used across healthcare and enterprise environments for hands-free communication, suffered a serious vulnerability in its 5.x software line. In late 2022,
CVE-2023-2850: NodeBB Cross-Site WebSocket Hijacking Vulnerability Puts User Information at Risk
A recently discovered vulnerability, CVE-2023-2850, affects NodeBB, which is a popular open-source forum software for web applications. This vulnerability exploits a security
Episode
00:00:00
00:00:00