AVideo has Unauthenticated SSRF via `webSiteRootURL` Parameter in saveDVR.json.php, Chaining to Verification Bypass

Summary A Server-Side Request Forgery SSRF vulnerability exists in plugin/Live/standAloneFiles/saveDVR.json.php. When the AVideo Live plugin is deployed in standalone mode the intended configuration for this file, the $REQUEST'webSiteRootURL' parameter is used directly to construct a URL that is...

Pingora vulnerable to HTTP Request Smuggling via Premature Upgrade

Impact Pingora versions prior to 0.8.0 would immediately forward bytes following a request with an Upgrade header to the backend, without waiting for a 101 Switching Protocols response. This allows an attacker to smuggle requests to the backend and bypass proxy-level security controls. This...

aiptx-cyber-mcp

Cyber MCPs - Security Tools for AI !MCP Securityhttps://...

A Retrospective on DISPEED -- Leveraging Heterogeneity in a Drone Swarm for IDS Execution

Swarms of drones are gaining more and more autonomy and efficiency during their missions. However, security threats can disrupt their missions' progression. To overcome this problem, Network Intrusion Detection Systems NIDS are promising solutions to detect malicious behavior on network traffic...

CVE-2024-51954

There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux which, under unique circumstances, could allow a remote, low‑privileged authenticated attacker to access secure services published to a standalone unfederated ArcGIS Server instance. Successful...

Unable to complete the action because this backup agent is centrally managed by your system administrator.

Challenge Upon logging into Windows, a pop-up dialog box displays the error: Unable to complete the action because this backup agent is centrally managed by your system administrator. Cause This occurs when Veeam Agent for Microsoft Windows is initially installed on a Windows machine in Standalon...