1241 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization through the WebSocket session handling in kernel/util/websocket.go. An attacker can connect to the /ws endpoint and receive real-time document metadata and activity events by using the special id=auth WebSocket...
CVE-2018-25188 Webiness Inventory 2.3 SQL Injection via WsModelGrid.php
Webiness Inventory 2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the order parameter. Attackers can send POST requests to the WsModelGrid.php endpoint with crafted SQL payloads to extract...
AIX is vulnerable to denial of service and possible code execution due to Perl (WS-2025-0004)
IBM SECURITY ADVISORY First Issued: Thu Feb 5 15:13:54 CST 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/perladvisory12.asc Security Bulletin: AIX is vulnerable to denial of service and possible code execution due to Perl...
This Week in Spring - January 13th, 2026
Hi, Spring fans, and welcome to another installment of This Week in Spring! It's the 13th of January, 2026, and it's been quite the week indeed! Let's dive right into it! Nobody, and I mean nobody , asked. So I put together a video on how to use Spring WS to build SOAP-based services in 2026. Hey...
CVE-2023-4963
The WS Facebook Like Box Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ws-facebook-likebox' shortcode in versions up to, and including, 5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
Atlassian Confluence < 8.5.10 / 9.2.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 (CONFSERVER-101477)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101477 advisory. - ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold...
CVE-2025-68190
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/atom: Check kcalloc for WS buffer in amdgpuatomexecutetablelocked kcalloc may fail. When WS is non-zero and allocation fails, ectx.ws remains NULL while ectx.wssize is set, leading to a potential NULL pointer dereferen...
CVE-2025-68190
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/atom: Check kcalloc for WS buffer in amdgpuatomexecutetablelocked kcalloc may fail. When WS is non-zero and allocation fails, ectx.ws remains NULL while ectx.wssize is set, leading to a potential NULL pointer dereferen...
CVE-2025-68190 drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/atom: Check kcalloc for WS buffer in amdgpuatomexecutetablelocked kcalloc may fail. When WS is non-zero and allocation fails, ectx.ws remains NULL while ectx.wssize is set, leading to a potential NULL pointer dereferen...
ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.6.2), br.com.simpli:simpli-ws (>=1.2.1 <=2.2.0) +1034 more potentially affected by CVE-2025-37731 via org.elasticsearch:elasticsearch (>=7.0.0-alpha1 <=8.19.7)
org.elasticsearch:elasticsearch MAVEN version =7.0.0-alpha1, =j8.2.2.0, =1.2.1, =0.0.1-alpha, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.2.0, =6.8.0, =6.4.0, =5.3.0, =5.3.0, =5.3.0, =5.4.0 and more Source cves: CVE-2025-37731 Source advisory: OSV:GHSA-M9GH-789G-Q5PV...
MAL-2025-190719 Malicious code in @asyncapi/nodejs-ws-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06529fc17471f54f2c0fc317bca64f4b01fa049862dd2ce5863b33db8445b7ed The package @asyncapi/nodejs-ws-template was found to contain malicious code. Source: ghsa-malware...
CVE-2025-41028
A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’...
EUVD-2010-3186
Malware in sbrugna...
EUVD-2018-0709
Malware in sbrugna...
EUVD-2014-0496
Malware in sbrugna...
EUVD-2008-7098
Malware in sbrugna...
EUVD-2017-18035
Malware in sbrugna...
EUVD-2017-1890
Malware in sbrugna...
EUVD-2008-5324
Malware in sbrugna...
EUVD-2020-5822
Malware in sbrugna...