Connect with us
HAProxy, the popular open source load balancer and reverse proxy, has patched a bug that could enable attackers to stage HTTP request smuggling attacks. By sending a maliciously crafted HTTP...
The maintainers of a new version of popular hacking tool XSS Hunter have been criticized for inspecting potentially sensitive data generated by users after they shared...
A developer has released a new tool for Go applications that is designed to combat web-based attacks. Developer and security engineer Dwi Siswanto revealed the open source teler-waf...
An open source Go implementation of the SAML protocol has patched a critical vulnerability that could allow attackers to bypass authentication in applications that used the library. SAML...
Shutting the proverbial back door to your networks “cuts the risks [of attacks] down tremendously”, said application security engineer Sean Wright at Friday’s All Day DevOps....
Developers of the OpenSSL cryptography library have taken the unusual step of pre-warning that an update due to land next Tuesday (November 1) will fix a critical vulnerability....
VMWare has patched a critical vulnerability in the management service for NSX, its network virtualization and security platform. The vulnerability, caused by an old deserialization bug...
A flaw in GitHub’s namespace retirement feature could have allowed attackers to potentially access another user’s repository. Coined ‘repojacking’ by researchers from Checkmarx, the technique could...
Melis Platform, the open source e-commerce and content management system (CMS), was vulnerable to remote code execution (RCE) via a critical deserialization vulnerability. Tracked as CVE-2022-39297 and with a CVSS score of...
Security researchers have discovered a serious vulnerability in HyperSQL DataBase (HSQLDB) that poses a remote code execution (RCE) risk. HSQLDB offers a Java-based SQL relational database...
Recent Comments