CVE-2024-35296

Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue...

Deserialization of untrusted data

GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case,...

CVE-2022-24754 Buffer overflow in pjsip

PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...

Update CItrix license server

Question :Can we update Citrix License Server virtual appliance Version 11.10.Current CLSVA version: 11.10.0 build 12002 require 256 MB memory space.Desired latest CLSVA version: 11.13.1 build 15100 require 512MB memory space. Answer :Upgrading Citrix License Server Virtual applianceCLSVA cannot ...

Apache Rave 0.11 - 0.20 - User Information Disclosure Vulnerability

Exploit for multiple platform in category web applications CVE-2013-1814: Apache Rave exposes User over API Severity: Important Vendor: The Apache Software Foundation Versions Affected: Rave 0.11 to 0.20 Description: Rave returns the full user object, including the salted and hashed password, via...