Linux Distros Unpatched Vulnerability : CVE-2019-5739

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated...

PT-2024-29567 · Craft Cms · Craft Cms

Name of the Vulnerable Software and Affected Versions: Craft CMS versions prior to 5.2.3 Description: Craft CMS 5 allows reuse of TOTP tokens multiple times within the validity period. An attacker is able to re-submit a valid TOTP token to establish an authenticated session. This requires that th...

CVE-2021-34737

A vulnerability in the DHCP version 4 DHCPv4 server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service DoS condition. This vulnerability exists because certain DHCPv4 messages are improperly...

Robert Mueller Speaks, Amazon’s New Echo Show, and More News

Catch up on the most important news from today in two minutes or less...

UBUNTU-CVE-2019-5739

Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and earlier is a potential Denial of Service DoS attack...