MiracleLinux 7 : tomcat-7.0.76-3.el7 (AXSA:2017-2389:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2389:05 advisory. A vulnerability was discovered in Tomcat's handling of pipelined requests when Sendfile was used. If sendfile processing completed quickly, it was...

EUVD-2019-7978

Malware in sbrugna...

CVE-2019-17673

WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header...

UBUNTU-CVE-2019-17673

WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header...

WordPress 4.9.x < 4.9.12 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability in Customizer. - An unspecified issue which could lead to disclosure of unauthenticated posts. - A cross-site scripting XSS...

tomcat: Vary header not added by CORS filter leading to cache poisoning

A vulnerability was discovered in Tomcat where the CORS Filter did not send a "Vary: Origin" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches...

tomcat: Vary header not added by CORS filter leading to cache poisoning

A vulnerability was discovered in Tomcat where the CORS Filter did not send a "Vary: Origin" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches...