167 matches found
Metadata-Private Messaging without Coordination
For those seeking end-to-end private communication free from pervasive metadata tracking and censorship, the Tor network has been the de-facto choice in practice, despite its susceptibility to traffic analysis attacks. Recently, numerous metadata-private messaging proposals have emerged with the...
The vulnerability of the NATS messaging system’s server lies in the lack of access control elements for the JetStream API. This allows attackers to delete data.
The vulnerability of the NATS messaging system server is related to the lack of access control elements for the JetStream API. Exploiting this vulnerability could allow a malicious actor to delete data by sending specially crafted requests...
CVE-2022-41271
An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration PI - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability...
CVE-2024-20118
In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062392; Issue ID: MSV-1621...
Moderate: Red Hat Security Advisory: dbus security update
An update for dbus is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Moderate: dbus security update
D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fixes: dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered...
Moderate: Red Hat Security Advisory: dbus security update
An update for dbus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
ALSA-2023:4498 Moderate: dbus security update
D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fixes: dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered...
[SECURITY] Fedora 37 Update: dbus-1.14.8-1.fc37
D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility...
Spring Cloud Function for Azure Function
What is the Spring Cloud Function? Spring Cloud Function is a SpringBoot-based framework allowing users to concentrate on their business logic by implementing them as Java Functions i.e., Supplier, Function, Consumer. In turn the framework provides necessary abstraction to enable execution of the...
Moderate: dbus security update
D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fixes: dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets...
CVE-2022-41271
An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration PI - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability...
[SECURITY] Fedora 35 Update: dbus-1.12.24-1.fc35
D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility...
Vulnerability of the actionLinkHandler method in the server-based corporate messaging system that supports file sharing and video conferences. Chat, which allows attackers to expose sensitive information.
The vulnerability of the actionLinkHandler method in the server-based corporate messaging system that supports file and video conferencing exchanges. Chat-related vulnerabilities involve insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to disclose...
The vulnerability of the centralized system for managing emergency messages and events in CAMS, compared to distributed systems like CENTUM, allows a intruder to cause system failures, including the suppression of emergency signals.
The vulnerability of the centralized system for managing emergency messages and events in CAMS distributed systems like CENTUM is related to the use of pre-set account data. Exploiting this vulnerability could allow a malicious actor to cause server failures, including the suppression of emergenc...
TIBCO FTL Trust Management Issue Vulnerability
Tibco Ftl is an application-to-application messaging system from Tibco USA, Inc. Designed for low latency and high performance, TIBCO FTL suffers from a trust management issue vulnerability that stems from hard-coded secrets used in the default domain server, which can be exploited by attackers t...
Tibco Eftl Information Disclosure Vulnerability
Tibco Eftl is an add-on to Tibco Ftl and Tibco Enterprise Message Service™ from Tibco USA, Inc. Extending Tibco Ftl® messaging to platforms such as Web browsers and mobile devices, an information disclosure vulnerability exists in TIBCO eFTL, which stems from a client inheriting privileges from a...
Tibco Software TIBCO Software FTL 信任管理问题漏洞
Tibco Software TIBCO Software FTL is an application-to-application messaging system from Tibco Software USA. Tibco Software TIBCO Software FTL is vulnerable to a trust management issue that could allow a remote attacker to compromise the target system...
Why hackers don’t fly coach
Physical security is relied on too heavily for cabin-based systems on the Airline Information Services Domain AISD. Whilst the Aircraft Control Domain ACD is separated, there are still plenty of interesting information, data and systems that are accessible from the cabin, for those who are prepar...
The vulnerability of the NATS messaging system server, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of the NATS messaging system server is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...