CVE-2023-45146 Remote code execution in XXL-RPC

XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized objects that, once...

CVE-2023-45146

CVE-2023-45146 affects XXL-RPC’s Netty-based TCP server using Hessian serialization. The root cause is insecure deserialization of untrusted objects, allowing an attacker to remotely supply malicious serialized data that, when deserialized, leads to arbitrary code execution and full machine takeo...

Distributed Denial Of Service (DDoS)

silverstripe/graphql is vulnerable to Distributed Denial Of Service attacks. The vulnerability is due to publicly exposed graphql schemas because it does not properly validate recursive queries, allowing an attacker to send recursive queries into the system...

SUSE CVE-2023-45148

Nextcloud is an open source home cloud server. When Memcached is used as memcache.distributed the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0. Users unable to upgra...

XXL-RPC Code Issue Vulnerability

XXL-RPC is a high-performance distributed RPC framework. A security vulnerability exists in XXL-RPC. An attacker can exploit this vulnerability to remotely execute code...

CVE-2023-40180 Denial of service vulnerability in silverstripe-graphql via recursive queries

silverstripe-graphql is a package which serves Silverstripe data in GraphQL representations. An attacker could use a recursive graphql query to execute a Distributed Denial of Service attack DDOS attack against a website. This mostly affects websites with publicly exposed graphql schemas. If your...

CVE-2023-40180 Denial of service vulnerability in silverstripe-graphql via recursive queries

silverstripe-graphql is a package which serves Silverstripe data in GraphQL representations. An attacker could use a recursive graphql query to execute a Distributed Denial of Service attack DDOS attack against a website. This mostly affects websites with publicly exposed graphql schemas. If your...

Apache Kafka’s Exactly-Once Semantics in Spring Cloud Stream Kafka Applications

Other parts in this blog series Part 1: Introduction to Transactions in Spring Cloud Stream Kafka Applications Part 2: Producer Initiated Transactions in Spring Cloud Stream Kafka Applications Part 3: Synchronizing with External Transaction Managers in Spring Cloud Stream Kafka Applications Part ...

PT-2023-6442 · Nextcloud +2 · Nextcloud +2

Name of the Vulnerable Software and Affected Versions: Nextcloud versions prior to 25.0.11 Nextcloud versions prior to 26.0.6 Nextcloud versions prior to 27.1.0 Description: The issue is related to the use of Memcached as memcache.distributed in Nextcloud, which can cause the rate limiting on the...

The vulnerability of the distributed Git version control system for Windows lies in the lack of protection for service data, allowing a perpetrator to access confidential information.

The vulnerability of the distributed Git version control system for Windows is related to the lack of protection for service data. Exploiting this vulnerability could allow an attacker to access confidential information...

Juniper Networks Junos OS and Junos OS QFX Security Vulnerabilities

Juniper Networks Junos OS and Juniper Networks Junos OS QFX are products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system that is specialized for use with the company's hardware devices. The operating system provides a secure programming interface and the Junos...

CVE-2023-44108

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

CVE-2023-44108

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

Type confusion

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

CVE-2023-44108

CVE-2023-44108 is a type confusion vulnerability in Huawei HarmonyOS’s distributed file module. The issue enables exploitation that may cause a device restart/reboot. Affected components and specifics are not enumerated in the provided documents; multiple sources (NVD, CNVD, PRION, CVELIST, VulnE...

CVE-2023-44108

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

Type confusion

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart...