5 matches found
Exploit for Missing Authorization in N8N
GHSA-f77h-j2v7-g6mw — n8n Unauthenticated Chat Execution Hijac...
n8n Vulnerable to Hijacking of Unauthenticated Chat Execution
Impact The /chat WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID for a workflow in a waiting state cou...
AZL-9119 CVE-2022-0396 affecting package bind for versions less than 9.16.29-1
BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...
Cloudflare OctoRPKI 资源管理错误漏洞
Cloudflare OctoRPKI is an RPKI toolkit for the Cloudflare platform from cloudflare USA. Cloudflare OctoRPKI has a security vulnerability that allows an attacker to send a slow DOS attack, which keeps OctoRPKI in a waiting state...
Cisco VDS-IS Resource Management Error Vulnerability
Cisco VDS-IS Videoscape Distribution Suite for Internet Streaming Cisco's set of content distribution system solutions for Internet streaming media. A security vulnerability exists in Cisco VDS-IS because the program fails to properly manage TCP sessions in the TCP FIN waiting state. A remote...