5341 matches found
AutoGPT Access Control Error Vulnerability
AutoGPT is a tool from AutoGPT Open Source, used to make accessible AI available and buildable for everyone. An Access Control Error vulnerability exists in AutoGPT versions prior to 0.6.1 that stems from the WebSocket API not properly checking user subscription permissions, which could lead to...
Hitachi Energy's RTU500 series NULL Pointer Dereference (CVE-2024-10037)
A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be...
Exposure of Resource to Wrong Sphere
Overview: jupyter-remote-desktop-proxy is a package to run desktop environments on Jupyter. Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere in the setupwebsockify function, due to the improper configuration of the TigerVNC server, when it, as opposed to TurboVNC, is th...
CVE-2024-55210
An issue in TOTVS Framework Linha Protheus 12.1.2310 allows attackers to bypass multi-factor authentication (MFA) via a crafted websocket message...
ABB Cylon FLXeon 9.3.4 - WebSocket Command Spawning
ABB Cylon FLXeon 9.3.4 wsConnect.js WebSocket Command Spawning PoC Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Advisory ID: ZSL-2025-5913 Advisory URL:...
PT-2025-15840 · Totvs · Totvs Framework
Name of the Vulnerable Software and Affected Versions: TOTVS Framework Linha Protheus version 12.1.2310. Description: An issue in the software allows attackers to bypass multi-factor authentication (MFA) via a crafted websocket message. Recommendations: For version 12.1.2310, consider disabling...
TOTVS Security Vulnerability
TOTVS is a complete human resource management solution from the Brazilian company TOTVS. A security vulnerability exists in TOTVS version 12.1.2310, which stems from a specially crafted websocket message being able to bypass multi-factor authentication...
CVE-2024-55210
CVE-2024-55210 affects TOTVS Framework (Linha Protheus) version 12.1.2310. A crafted websocket message can bypass multi-factor authentication, exposing potential unauthorized access to sensitive areas. Documents from PT Security explicitly tie the issue to version 12.1.2310 and recommend temporar...
(Pwn2Own) Synology BeeStation BST150-4T Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of websocket requests. When parsing the...
SUSE CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS)...
CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS)...
DEBIAN-CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS)...
AZL-59539 CVE-2025-32049 affecting package libsoup for versions less than 3.0.4-12
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS)...
AZL-59557 CVE-2025-32049 affecting package libsoup for versions less than 3.4.4-12
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS)...
UBUNTU-CVE-2025-32049
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS)...