F5 NGINX Plus和F5 NGINX Open Source 缓冲区错误漏洞

F5 NGINX Plus and F5 NGINX Open Source are both products of the American company F5. F5 NGINX Plus is a software-based application delivery platform. F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway. Both F5 NGINX Plus and F5 NGINX Open...

CVE-2024-8110

Yokogawa Dual-redundant Platform for Computer (PC2CKM) is affected for versions R1.01.00–R2.03.00. CVE-2024-8110 describes an UNCHECKED RETURN VALUE (CWE-252) DoS: receiving a high volume of UDP broadcast packets may cause a restart, potentially making both active and standby units fail simultane...

Session Fixation

uptime-kuma is vulnerable to Session Fixation. The vulnerability exists when a user changes their login password but a previously logged-in user retains access without being logged out. This behavior persists consistently, even after system restarts or browser restarts. This vulnerability allows...

Xen Bug Could cause Crashes, Expose Cloud Data

The Xen Project published a security advisory yesterday about a critical vulnerability in its virtual machine and hypervisor systems that could expose public cloud servers to attacks capable of crashing host machines and even stealing small amounts of random data. The fix was made available under...